Articles in this section

See more

How to setup SCIM for OneLogin

Avatar
Maria Bendixen
Updated
Follow

Requirements

  • Be able to create a new company apps

See guide on how to setup SCIM with Azure Active Directory here.

Steps

  • Inside OneLogin go to Apps and then from the dropdown select Company Apps afterwards click on Add App

  • In the Find Applications page in the search bar type in SCIM then you should see multiple applications. Select SCIM Provisioner with SAML (SCIM v2) (this is because we are using SCIM 2.0).
    Screenshot_2019-02-15_at_15.40.35.png

  • After setting up the app you will be redirected to it's main setting page. On the Configuration tab enter the SCIM Base Url the SCIM JSON Template and the Bearer Token obtained from Templafy
    SCIM Base Url = https://scim.templafy.com/scim

  • The SCIM JSON Template looks like this:

IMPORTANT! Some fields below are marked in red. These are custom fields that may not exist or vary by name on your OneLogin setup - Please change accordingly to match your custom fields.

{
    "schemas": [
        "urn:ietf:params:scim:schemas:core:2.0:User",
        "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User"
    ],
    "userName": "{$user.email}",
    "externalId": "{$user.email}",
    "name": {
        "givenName": "{$user.firstname}",
        "familyName": "{$user.lastname}",
        "formatted": "{$user.display_name}"
    },
    "displayName": "{$user.display_name}",
    "addresses": [
        {
            "type": "work",
            "streetAddress": "{$user.custom_fields.streetAddress}",
            "locality": "{$user.custom_fields.locality}",
            "postalCode": "{$user.custom_fields.postalCode}",
            "city": "{$user.custom_fields.city}",
            "region": "{$user.custom_fields.region}"
        }
    ],
    "prefferedLanguage": "{$user.prefferedlanguage}",
    "title": "{$user.title}",
    "phoneNumbers": [
        {
            "value": "{$user.phone}",
            "type": "work"
        },
        {
            "value": "{$user.custom_fields.mobile}",
            "type": "mobile"
        },
        {
            "value": "{$user.custom_fields.fax}",
            "type": "fax"
        }
    ],
    "urn:ietf:params:scim:schemas:extension:enterprise:2.0:User": {
        "department": "{$user.department}",
        "organization": "{$user.custom_fields.organization}"
    }
}

  • On the Provisioning tab turn on Enable Provisioning for Create, Delete and Update User. Also set when user gets deleted to Delete (This is technically optional but if you want your users to be deprovisioned immediately set it to Delete if you want to have a window of 30 days from deletion until it actually gets deprovisioned in Templafy select Delete from the dropdown.). This is how the Provisioning settings should look:
    Screenshot_2019-02-15_at_15.41.56.png

  • Finally after making sure all the settings are correct set API Status in the Configuration tab to Enabled and then click Save. The app should now start provisioning your Users and Groups to Templafy.

Related articles

Comments

0 comments

Please sign in to leave a comment.