Describes how to provision users with SCIM 2.0 from other systems that support it or by the creation of custom integrations
About SCIM 2.0
SCIM stands for "System for Cross-domain Identity Management" (official documentation) and is a protocol to facilitate automatic one-directional provisioning/syncing of users from an identity management system or database to Eletive. The identity management system is called an "identity provider" and Eletive is called a "service provider" within the SCIM protocol. Eletive is kept up-to-date with any system supporting the SCIM 2.0 protocol like Microsoft Azure Active Directory and many others or through custom integrations.
- Go to "Setting -> Integrations"
- Select "User Provisioning"
- Press the "Connect" button
- Copy the "SCIM 2.0 URL" and the "Bearer Token" and send it to your IT professional.
The Bearer Token is a sensitive "password" and should be handled securely.
Note: The token is valid for 1 year from the date it is created but can simply be regenerated under "User Provisioning"
If an identity provider that supports SCIM 2.0 is used then no custom integration is needed, set up the user provisioning through the identity provider.
If a custom integration is needed, see the next section.
The official documentation of SCIM 2.0 should be used, this document only states Eletive specifics.
The official documentation of SCIM 2.0 should be used for general information, this description will only provide the specifics of Eletives SCIM 2.0 implementation. Eletive supports the following operations in the SCIM 2.0 protocol.
Get a specific user
Returns a user by their unique ID (Eletives), which is received when using the POST operation for example. To get the user by externalID, use "Get all users" instead and use the filter or utilize Eletives ID.
Get all users
Returns all users in Eletive for the organization. Filtering is supported by userName and externalId and by the operator eq. For pagination, see the SCIM 2.0 documentation for startIndex and count. If count is omitted, 1000 is the standard amount. The max count amount is also 1000.
GET /Users?filter=userName eq "email@example.com"
GET /Users?filter=externalId eq "someIdOfUser"
Create a user
Create a new user when providing the following mandatory fields:
|userName||Primary email of the user (Required if externalId not provided)||Max 255 characters|
|externalId||The external ID of the user
(Required if userName not provided)
|Max 255 characters|
|name.givenName||First name of the user||Max 255 characters|
|name.familyName||Last name of the user||Max 255 characters|
Update a user
Use this to update a specific user with data.
Partial update of a user
Makes partial updates to a user. For more information, see the documentation. Example:
"path": "urn:ietf:params:scim:schemas:extension:eletive:2.0:User:manager[attribute eq NewTestAttributeOption].value",
"path": "urn:ietf:params:scim:schemas:extension:eletive:2.0:User:manager[attribute eq NewTestAttributeOption4 and value eq \"test\"].value"
Delete a user
Deletes a specific user.
Returns all schemas and fields in the organization including attributes created.
Get service provider config
Returns the Service Provider configuration of the SCIM 2.0 API containing capabilities and supported features.
Bulk operations are supported and the documentation can be found here.
The user role can be set by utilizing the userType. Possible values are:
Eletive has extended the SCIM 2.0 protocol to facilitate more features like Attributes using the format specified here. Use "Get schemas" to fetch more information for your organization.
The following input applies depending on the attribute type. Please note that Attributes and Segments that do not exist will be created. If a user is currently belonging to a segment but that segment is not listed when updating, the user will be removed from that segment.
|Choices||A String value (max 255 characters)|
|Dates||A DateTime string (ISO 8601 format)|
|Numbers||A Float value|
|Users||Depends on the selector. Use either email or externalId (both can be used but not necessary). Independent of what selector is used, it should be input as a String value (max 255 characters).|
Attributes and Segments are provided as a sub-object like this:
For Choices type attributes, it is possible to add one SCIM 2.0 alias name for each segment. This is added in Eletive by editing the segment in Eletive, see instructions for editing a segment here: Add, remove and edit attributes and segments under the section "Managing Segments".
To set a user as a manager for a specific segment or segments, use our extension. If a segment is not listed on a user as a manager and the user is currently a manager for that segment, that user will be removed as manager.
Please note the difference between "setting a user as a manager for a segment" vs. "setting a user's manager in a Users type attribute".
Participate in survey
To disable users from participating in surveys use this.
Note: The above clearly states how you provision users by communicating with the APIs of Eletive. Eletive wants our customers to be happy and we gladly help you with Eletive-related challenges, such as questions about our API. However, we cannot guarantee consulting capabilities in other systems than Eletive such as HRIS-systems, Microsoft Azure, Salary systems, etc. For this reason, Eletive does not do any consulting in other systems than Eletive, which is by default stated in Terms and Conditions in customer contracts.