Automatically Fetch User Accounts without Manually Importing for OneLogin (via SCIM)

OneLogin (via SCIM) 

Introduction: 

OneLogin gives users the ability to access the applications and other resources they need to do their job by logging in once to a single interface. Platforms like OneLogin are known as Identity and Access Management (IAM) solutions that are primarily used to provide their users with a Single Sign-on (SSO) experience.  OneLogin allows you to automatically send user account data (name, email, role, etc.) into external apps like Slack, Zoom, Salesforce, or your custom platform using SCIM without any CSV uploads or manual entry.

SCIM

SCIM (System for Cross-domain Identity Management) is a standard protocol that automates how users are created, updated, or removed across applications. With SCIM, OneLogin can sync user details, like name, email, role to apps like Zoom, or custom platforms that support SCIM.

SCIM helps by:

SCIM is ideal for improving security, reducing IT overhead, and ensuring consistent identity data across platforms.

SAML


SAML (Security Assertion Markup Language) is a standard used for Single Sign-On (SSO). It allows users to log in once to OneLogin and gain access to multiple connected apps (like G Suite, Zoom, or Salesforce) without logging in again.

How it works:

SAML is useful for improving security and user convenience. It’s often used alongside SCIM, where SAML handles authentication and SCIM handles user creation, updates, and removals.

What is Automatic User Provisioning via OneLogin?

Automatic provisioning means OneLogin pushes user details to your app when a user is added, updated, or deleted using the SCIM protocol. This reduces errors, saves IT time, and ensures data stays in sync.

What You Need to Integrate App with OneLogin (SCIM)

Requirement Description
SCIM API Endpoint A web link where OneLogin can send create/update/delete user requests
Bearer Token A secret token (like a password) so OneLogin can authenticate securely
SCIM 2.0 Support Your app must support SCIM 2.0 (understand user creation/update requests)
Set Up SCIM Integration from OneLogin to Your App
Description:

Use OneLogin’s SCIM connector to automatically create, update, or deactivate user accounts in your SCIM-compatible application.

What It Does:

Setup Steps:

Prepare Your App for SCIM Integration
 
Add Your App in OneLogin
 
Enable SCIM Provisioning
 
Configure Provisioning Behavior
 
Set Up User Mappings

Assign the App to Users or Roles

If provisioning is active, users matching the rules will be auto-synced to your app.

What Happens Next?

Once integrated:

Requirement Purpose
SCIM API URL Endpoint where OneLogin sends user actions
Bearer Token Authenticates OneLogin to your app
SCIM 2.0 Support Lets your app understand and apply user changes
OneLogin Step Description
Add App Add your SCIM-compatible app to OneLogin
Enable Provisioning Enter SCIM URL + Token
Set Provisioning Rules Choose when to create/update/delete users
Create Mappings Map OneLogin attributes to your app fields
Assign Users/Roles Control which users get sent to your app

Revision #7
Created 18 June 2025 05:51:35 by Kent Lauron
Updated 19 June 2025 06:57:48 by Kent Lauron