SCIM (System for Cross-domain Identity Management) is a feature that allows automatic user provisioning, eliminating the need for manual user management within Memtime.
Key Benefits of SCIM:
- Centralized User Management: Admins can easily add or remove users within their identity provider, and the changes will automatically sync with Memtime.
- Automation: SCIM takes care of user provisioning, eliminating the need for manual additions and saving time while reducing errors.
- Simplified Onboarding: When a user is added via SCIM, they’ll automatically receive an invitation to join Memtime, streamlining the onboarding process.
Step 1: Make sure you meet the setup requirements
1. SCIM is available only for customers with Premium accounts and automated licensing enabled. The automatic adjustment of licenses must be activated.
If you want to learn more about this feature, please take a look at the following article: How to increase or reduce your licenses
2. Access Token & Base URL: To set up SCIM, you will need a bearer token and an API base URL from Memtime to use within your identity provider. To get them, navigate to Customer Portal > User Management, choose which login method you want to use, and click “Activate”:
The login methods available to you will depend on the ones you have selected in Customer Portal > Account Settings > Login Methods.
Likewise, the login method selected will also determine the type of invitation that users will receive. For example, if they select “Google”, they will receive an invitation through this provider.
The system will then generate a SCIM Access Token that will only be visible once, so we recommend that you copy it right away and store it somewhere secure where you can easily find it again.
If you have misplaced your SCIM Access Token, please reach out to our Support Team so that we can revoke it, and you can generate a new one.
Once you close the pop-up window that shows you the SCIM Access Token, you will also be able to view and copy your SCIM Base URL, which will be provided for use in the identity provider:
Step 2: Configuring Your Identity Provider (OneLogin Example)
1. Log in to your OneLogin account and open Applications:
2. Click on "Add App", and create a new app called "SCIM Provisioner with SAML (SCIM v2 Core)."
3. In the “Configuration” tab, add:
- The SCIM Base URL that was generated in your Memtime Customer Portal, which you can copy from there.
- In the SCIM Bearer Token field, the SCIM Access Token you have saved, as it is only visible once.
- Below, in the SCIM JSON Template field, you can replace the default template with the one shown below. The only difference is that in the one we provide you, e-mail is used as the username for mapping the user's identity.
{
  "schemas": [
    "urn:ietf:params:scim:schemas:core:2.0:User"
  ],
  "userName": "{$parameters.scimusername}",
  "name": {
    "formatted": "{$user.firstname} {$user.lastname}",
    "givenName": "{$user.firstname}",
    "familyName": "{$user.lastname}"
  },
  "emails": [
    {
      "value": "{$user.email}",
      "primary": true,
      "type": "work"
    }
  ],
  "phoneNumbers": [
    {
      "value": "{$user.phone}",
      "primary": true,
      "type": "work"
    }
  ]
}
4. In the “Parameters” tab, edit scimusername and set it to “Email”.
You can also add a parameter with the value “Phone”, but adding this field is optional.
This is what your parameters should look like:
5. In the Provisioning tab, ensure provisioning is enabled.
Selecting Create user, Delete user and Update user will make these provisioning actions require approval.
6. Then, go back to the Configuration tab and make sure you enable API Connection:
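To check the template and the scimusername mapping before you assign users, the following added example (not part of Memtime's or OneLogin's own tooling) renders the template from step 3 for a constructed user and verifies that userName resolves to that user's e-mail address. The render function is a hypothetical stand-in for the identity provider's macro substitution, and the sample user and the check_payload helper are made up for illustration.

```python
import json
import re

# Template from step 3, whitespace condensed; macros are left exactly as on the page.
TEMPLATE = """{
  "schemas": ["urn:ietf:params:scim:schemas:core:2.0:User"],
  "userName": "{$parameters.scimusername}",
  "name": {"formatted": "{$user.firstname} {$user.lastname}",
           "givenName": "{$user.firstname}", "familyName": "{$user.lastname}"},
  "emails": [{"value": "{$user.email}", "primary": true, "type": "work"}],
  "phoneNumbers": [{"value": "{$user.phone}", "primary": true, "type": "work"}]
}"""
USER_SCHEMA = "urn:ietf:params:scim:schemas:core:2.0:User"
MACRO = re.compile(r"\{\$(\w+)\.(\w+)\}")
EMAIL = re.compile(r"[^@\s]+@[^@\s]+\.[^@\s]+")


def render(template, user, parameters):
    """Hypothetical stand-in for the identity provider's macro expansion."""
    scopes = {"user": user, "parameters": parameters}

    def expand(match):
        value = scopes[match.group(1)].get(match.group(2), "")
        return json.dumps(str(value))[1:-1]  # JSON-escape the value, drop the quotes

    return json.loads(MACRO.sub(expand, template))


def check_payload(payload):
    """List the problems that would break e-mail based identity mapping."""
    problems = []
    if USER_SCHEMA not in payload.get("schemas", []):
        problems.append("missing SCIM core User schema")
    user_name = payload.get("userName", "")
    if not EMAIL.fullmatch(user_name):
        problems.append("userName is not an e-mail address")
    primary = [e.get("value", "") for e in payload.get("emails", []) if e.get("primary")]
    if len(primary) != 1:
        problems.append("expected exactly one primary e-mail")
    elif primary[0].lower() != user_name.lower():
        problems.append("userName does not match the primary e-mail")
    return problems


if __name__ == "__main__":
    # Constructed sample user; the quote in the last name exercises JSON escaping.
    ada = {"firstname": "Ada", "lastname": 'O"Neil', "email": "ada@example.com", "phone": ""}
    for mapping in ({"scimusername": ada["email"]}, {"scimusername": "ada.oneil"}):
        payload = render(TEMPLATE, ada, mapping)
        print(payload["userName"], check_payload(payload) or "ok")
```

The second mapping models a scimusername parameter that was left pointing at something other than Email, which the check reports before any user is provisioned.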
Step 3: Adding users
Once the connection configuration is ready, you can add your users to receive their invitations. If you already have users created in OneLogin, you only need to assign them to the SCIM app role to enable provisioning.
If, on the other hand, this is the first time you are setting up SCIM on OneLogin, this is how you create your users:
1. Open the section Users > New User:
2. Once you have filled in the user fields, open the “Applications” tab and set the Default Role for the user.
3. Then click on Pending and approve Provisioner.
That's it! The user in question will already have automatically received the invitation to your Memtime account, and will only have to accept it, download the app and follow the standard Memtime onboarding process.
From now on, the users you have added to this process will appear in your Customer Portal > User Management.
If you have any further questions about how to integrate SCIM with Memtime, please do not hesitate to reach out to our Support Team.