Setting up SCIM provisioning

What's in this article:

• Features
• Requirements
• Setup instructions
• Troubleshooting
• FAQ

Features

Writer supports the following provisioning features:

• User and Group Push: IdP groups are automatically pushed to Writer Teams, and users are pushed as team members in your Writer organization.
• User and Group Import: Writer users are imported into IdP and matched against existing users, or created as new ones. Writer Teams are imported as IdP groups.
• Update user attributes
• Deactivate/reactivate users

Presently, Writer doesn't support the following provisioning features, but may in the future:

• Sync password
• Create/delete teams

Requirements

• Set up SAML SSO between Writer and IdP
• SCIM included in your Writer Enterprise subscription (ask your CSM, or check service agreement to confirm)

Setup instructions

1. Locate SCIM setup details in Writer

To get started, visit the Admin Panel> Single sign-on page and find the SCIM section.

From here, you can select the default team new users are assigned to. More importantly, though, this is where you'll find important setup details, including your unique bearer token:

2. Configure SCIM in IdP

Go to the Writer SSO application in your IdP, and enable SCIM provisioning with your Writer setup details.

If Okta is your IdP, check out this article for more steps on setting up SCIM.

FAQ

General

Q: Can we provision our entire organization?

Yes and no. IdPs typically don't allow you to select everyone for a group push. However, if all of your users are assigned to groups, you can push all of these to Writer, which will provision everyone.

Q: Can we manage imported group memberships in our IdP?

No.

Q: Can we create or delete Writer Teams in our IdP?

No.

Q: Can we set the team admin user role in our IdP?

No.

Troubleshooting

If you have questions around our SCIM integration, please contact support@writer.com.