Configure outbound provisioning with SCIM2¶
This guide explains how you can configure a System for Cross-domain Identity Management (SCIM) 2.0 (SCIM2) outbound connector for provisioning users from Asgardeo to an external system that supports the SCIM2 protocol.
Configure the SCIM2 outbound connector¶
Set up outbound provisioning and enter the following details to configure the SCIM2 outbound connector.
| Property | Description |
|---|---|
| Authentication Mode | The authentication method used to connect to the SCIM2 endpoint. Select one of the following:
|
| Username | Username for Basic authentication. |
| Password | Password for Basic authentication. |
| Access Token | Access token for Bearer authentication. |
| API Key Header Name | The name of the request header that carries the API key (e.g., X-API-Key). |
| API Key Value | The API key value for API Key authentication. |
| User Endpoint | The SCIM2 user endpoint of the application. e.g. for Asgardeo it is https://localhost:9443/scim2/Users |
| Group Endpoint | The SCIM2 group endpoint of the application. e.g. for Asgardeo it is https://localhost:9443/scim2/Groups |
| User Store Domain | The user store to which users will be provisioned. |
| Enable Password Provisioning | When selected, the user's password is included in the SCIM2 provisioning request. If the password is available at the time of provisioning (e.g., during user creation), it is sent as-is. If it is not available (e.g., when provisioning is triggered by group assignment for an existing user whose password is already hashed), a randomly generated value is sent instead. If not selected, you can set a Default Password to be assigned to the provisioned user account in the external system. |