Welcome to Dremio Cloud Documentation - Dremio > > > >

SCIM

Overview

System for Cross-domain Identity Management (SCIM) is used to integrate identity providers (IdP) with Dremio for external user management. When properly configured, IdPs send the credentials of assigned users securely via SCIM to your Dremio organization, automatically creating user accounts if they do not already exist. These new users, also referred to as external users, may then log in to Dremio according to the policies set by your credential manager.

warning:

You cannot reset or change an external user’s password from Dremio as this is governed by your organization’s identity manager. If you delete an external user from Dremio, Okta will automatically re-add their account the next time that user attempts to log in. To properly revoke access to Dremio, follow the steps described here.

Prerequisites

SCIM endpoint(s) created (specifically for Azure Active Directory or Okta)

Requirements

The following configurations must be utilized:

Version: SCIM 2.0+
Connector Authentication Method: Header Auth
Sign-on Option: Secure Web Authentication

Configuring Azure Active Directory with SCIM

Microsoft Azure AD may be configured to securely provision external users on Dremio using SCIM. This process is accomplished as described on Microsoft’s documentation portal.

Configuring Okta with SCIM

Before configuring SCIM, you must have Okta integrated with Dremio. Once integrated, you must then configure Okta with SCIM.

Was this page helpful?

Glad to hear it! Thank you for your feedback. Sorry to hear that. Thank you for your feedback.