SCIM User Provisioning
On this page
Note
This is a Preview feature.
SingleStore System for Cross Identity Management (SCIM) enables user provisioning from an identity provider to the Cloud Portal and SingleStore database.
SingleStore SCIM supports SCIM 2.
-
If RBAC is disabled, the system assigns Owner access by default, similar to inviting new users manually.
-
If RBAC is enabled, the system grants the user basic permissions based on the role defined for new users.
This provides only limited access unless additional roles or permissions are explicitly assigned.
RBAC is required for managing user permissions both in the SingleStore Helios and the SingleStore database engine.
The following table shows the identity provider application assignments and the corresponding actions in SingleStore Helios:
Identity provider application assignment |
SingleStore Helios corresponding action |
---|---|
Add user |
Add a user to a SingleStore organization |
Remove user |
Remove the user from the organization |
Add group |
Create a new team |
Remove group |
Remove the team |
Add a user to group |
Add the user to team |
When SCIM is configured with RBAC enabled, adding a group in the identity provider automatically creates a corresponding team in the Cloud Portal.
Note
The number of users synchronized by SCIM must not exceed 200 for optimal performance.
Create SCIM Configuration
Perform the following tasks to create a new SCIM configuration:
-
On the Cloud Portal, select <your_
organization> > Organization Details > SCIM. -
Select + New SCIM Configuration.
-
In the New SCIM Configuration Dialog box, enter a Description, and select Generate Secret Token
-
Copy the generated Secret Token and secure it.
The secret token is displayed only once. -
Select Save Configuration.
-
Use the endpoint URL (
https://authsvc.
) and the generated bearer token to configure SCIM in the identity provider.singlestore. com/auth/scim/[id]
Creating a new SCIM configuration deactivates the existing configuration.
Configure an existing SCIM
To generate a new secret token for an existing SCIM configuration, select Configure SCIM.
Deactivate an existing SCIM
To deactivate an existing SCIM configuration, select the ellipsis (three dots) next to the displayed SCIM, and then select Deactivate from the list.
Activate an existing SCIM
To activate an existing SCIM configuration, select the ellipsis (three dots) next to the displayed SCIM, and then select Activate from the list.
Remove an existing SCIM
To remove an existing SCIM configuration, select the ellipsis (three dots) next to the displayed SCIM, and then select Remove SCIM from the list.
In this section
Last modified: November 27, 2024