Deploy scim bridge only for offboarding?
Is it possible to deploy scim bridge only for deactivating users that are not active in aad anymore?
If yes how would that look like?
Chris
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser:_ Not Provided
Comments
-
Hi Chris,
That is not possible. If you set up the SCIM bridge and configure it with an IdP integration, the IdP will send requests to your bridge for all user events in configured groups. I would suggest setting up a SCIM bridge, and then creating a specific group for 1P users and provisioning users in and out of that. Deactivating a user will deactivate them in 1P, and you'll only control users that are in the 1P users group.
0 -
Sure thing!
When you first set up the SCIM integration on your IdP, nothing will happen. You have to choose which groups you want to be synced, and only then will changes start to reflect in your 1P account. Once you configure a group that has existing (manually added) 1P users in it, the state of those users will simply change to reflect the IdP state. For users that do not yet exist, they will be invited to 1P after being added to a synced group.
Hope this helps
0