# SCIM (Beta)
The EE server support user and group management with SCIM, in combination with SAML. SCIM allows external services
to create / delete / update users and groups. Psono doesn't implement the full SCIM specification and instead currently supports
the subset required by Azure.
This guide here will explain how to configure SCIM. We assume that your webclient is running on https://example.com, the server is reachable with
https://example.com/server/info/ shows you some nice json output).
This feature is only available in the Enterprise Edition.
# Enable SCIM
Lookup the provider id of your SAML configuration. If your configuration looks like this:
SAML_CONFIGURATIONS: 1: idp: entityId: ... ...
Then your provider id is 1. So create a SCIM configuration that looks like this:
SCIM_CONFIGURATIONS: 1: TOKEN: 'Replace me with a secure long random string' AUTHENTICATION_METHOD: 'SAML' PROVIDER_ID: 1
TOKENparameter and replace it with a secure random string. This will later be used by the SCIM provider as authentication.
PROVIDER_IDparameter to match your SAML configuration's provider id
Restart the server afterwards
The SCIM endpoint is now:
https://example.com/server/scim/2.0/1, so e.g.
Users and groups should now automatically provision.