Provisioning with SCIM 2.0
3 minutes
9th of January 2024
The System for Cross-domain Identity Management (SCIM) specification is designed to make managing user identities in cloud-based applications and services easier. Its intent is to reduce the cost and complexity of user management operations by providing a common user schema and extension model, as well as binding documents to provide patterns for exchanging this schema using standard protocols.
Manage Team members in Spreadly
SCIM is used by Single Sign-On (SSO) services and identity providers to manage people across a variety of tools, including Spreadly. This SCIM implementation targets version 2.0 of the protocol.
Accessing the SCIM API
The SCIM methods are accessed over HTTP. The base URL for all calls to the SCIM API is https://spreadly.app/api/v1/scim. All SCIM methods are branches of this base URL.
Get a secret token
A Bearer token is required to access the SCIM endpoints. You can get your SCIM secret token from "Team > Members".
Use the token in a SCIM API request
The API token must be included via an Authorization header with a type of Bearer when calling any of the SCIM methods.
Provide a JSON request body for POST, PUT, and PATCH write operations, and set your HTTP Content-Type header to application/json.
A SCIM call may take a form like this:
GET /api/v1/scim/Users HTTP/1.1
Host: spreadly.app
Accept: application/json
Authorization: Bearer scim-token_...
User attributes
Attributes are the details associated with a user's account. You can view those user attributes when you open up the members list of your team. The following tables map SCIM attributes to the profile fields that Spreadly uses.
| Spreadly User Field | SCIM attribute | Required |
|---|---|---|
userName |
✅ | |
| First name | name[givenName] |
✅ |
| Last name | name[familyName] |
✅ |
| Import Key | externalID |
✅ |
| Phone | phones[type eq "work"][value] |
❌ |
| Mobile | phones[type eq "mobile"][value] |
❌ |
| Position | title |
❌ |
| Department | urn:ietf:params:scim:schemas:extension:enterprise:2.0:User[department] |
❌ |
| Division | urn:ietf:params:scim:schemas:extension:enterprise:2.0:User[division] |
❌ |
| Organization | urn:ietf:params:scim:schemas:extension:enterprise:2.0:User[organization] |
❌ |
| Street | addresses[type eq "work"][streetAddress] |
❌ |
| City | addresses[type eq "work"][locality] |
❌ |
| Region | addresses[type eq "work"][region] |
❌ |
| Postal code | addresses[type eq "work"][postalCode] |
❌ |
| Country | addresses[type eq "work"][country] |
❌ |
| Language | locale |
❌ |
| Custom Field 1 | urn:ietf:params:scim:schemas:extension:spreadly:2.0:User:customField1 |
❌ |
| Custom Field 2 | urn:ietf:params:scim:schemas:extension:spreadly:2.0:User:customField2 |
❌ |
| Custom Field 3 | urn:ietf:params:scim:schemas:extension:spreadly:2.0:User:customField3 |
❌ |
| Custom Field 4 | urn:ietf:params:scim:schemas:extension:spreadly:2.0:User:customField4 |
❌ |
| Custom Field 5 | urn:ietf:params:scim:schemas:extension:spreadly:2.0:User:customField5 |
❌ |
| Custom Field 6 | urn:ietf:params:scim:schemas:extension:spreadly:2.0:User:customField6 |
❌ |
| Custom Field 7 | urn:ietf:params:scim:schemas:extension:spreadly:2.0:User:customField7 |
❌ |
| Custom Field 8 | urn:ietf:params:scim:schemas:extension:spreadly:2.0:User:customField8 |
❌ |
| Custom Field 9 | urn:ietf:params:scim:schemas:extension:spreadly:2.0:User:customField9 |
❌ |
| Custom Field 10 | urn:ietf:params:scim:schemas:extension:spreadly:2.0:User:customField10 |
❌ |
Group Attributes
We do not support the provisioning of groups (yet). The mapping and provisioning can be disalbed for the Spreadly integration.
Supported Providers
This is a non-complete list of supported providers. Feel free to contact us and send us your configuration guide for any other provider, missing in this list.