When configuring your IdP to integrate with Appspace, you will need to enable SCIM for Appspace in your IdP, and provide information about Appspace’s SCIM API endpoints, including the SCIM Base URL, the unique ID for users that are provisioned, provisioning actions that are supported, and the authentication mode used.

Prerequisites

  • Account Owner role with an Appspace Platform user license.
  • A HRIS or IdP that is SCIM 2.0 compliant, such as:
    • Microsoft Azure AD
    • Okta
  • The username must follow the user’s email address.
  • Support for User endpoints only. (Group endpoints not supported currently)

Enable SCIM

Follow the instructions below to configure SCIM (System for Cross-domain Identity Management) user provisioning in Appspace.

  1. Log in to the Appspace console.
  2. Click the ☰ Appspace menu, and select Users. Click Settings at the bottom of the left menu.
  3. Click the Settings tab, and click the User Provisioning side panel tab.
  4. Select the SCIM radio button from the User Provisioning options to display the SCIM settings, and click Save.
  5. Enter the SCIM Base URL and ensure the SCIM Bearer Token has been generated below:
    • SCIM Base URL – The SCIM Base URL is the API endpoint that connects the provisioning system with Appspace. Example: https://cloud.appspace.com/identity/scim
    • SCIM Bearer Token – The authentication token that manages the SCIM API. Automatically generated, however a new token can be generated by clicking the Generate New Token link.
  6. Select the Enable User Group Sync checkbox to also include user groups in SCIM provisioning.
    Important
    External user groups provisioned from an Identity Provider (IdP) via SCIM have different characteristics than user groups created in Appspace. Refer to this article on how to manage SCIM provisioned user groups.
  7. Enable Allow Automatic Activation to let SSO-enabled accounts activate automatically without requiring email invitations. This option is available only when SSO is enabled.
  8. Configure the following settings in the Email Notifications section:
    • Invited Users – Users invited by the administrator are sent an email invitation. This option cannot be disabled. Click Edit template to modify the email content and appearance:
      • Click the Language button and select the language from the drop-down menu to preview translations for the invitation email. Click Translate all languages to translate the email using AI, or to Clear all translations.
        • Sender Display Name – Set the name that appears as the sender.
        • Email Subject – Leave blank to use the default subject: “You are invited”.
        • Accent Color – Choose a color to highlight key elements in the email.
        • Logo – You can upload a custom logo to replace the default Appspace logo.
        • Banner – Add a banner image to be displayed in the email, or leave the design as default.
        • Title – Enter the main heading for the email body.
        • Description – Include additional text below the title.
        • Additional Text – Choose where to place extra text: None, Top, or Bottom. If Top or Bottom is selected, enter the desired text.
      • Click Restore to default to undo all settings.
      • Click Save or Cancel.
    • Added Users – If this option is enabled, users provisioned by SCIM are also sent an email invitation. Click Edit template to modify the email content and appearance for added users, with options similar to Invited Users above.
  9. Click Save once done.