Configuring SCIM provisioning in your workspace

V12 4:24 Ent.svg

 

In this article, you will learn how to configure System for Cross-domain Identity Management (SCIM) provisioning on your Productboard workspace. 

SCIM provisioning allows you to manage all your accounts in one central location – your identity provider, from creation until deactivation.

In this article:

Relevant to both new and legacy boards

Supported identity providers

If Microsoft Entra ID is your identity provider, please follow the Setting up SCIM provisioning with Microsoft Entra ID article.

If Okta is your identity provider, please follow the Setting up SCIM provisioning with OKTA article.

If your identity provider is different or it’s a custom one, please follow the instructions in the article below.

Prerequisites

To get started, you’ll need the following items:

Setting up SCIM provisioning

Once SAML SSO is set up on your account, follow the below steps: 

  1. Go to https://<your_workspace>.productboard.com/, then to Settings under the Workspace menu and Toggle on SCIM provisioning. If you want to also use Group provisioning, enable Manage teams with SCIM.
  2. Enable SCIM provisioning in your identity provider for Productboard application. The base URL for our SCIM API is https://api.productboard.com/scim/v2. We only support Users (members in Productboard) read, create and update. We don’t support deletion, but you can deactivate members by setting "active": false. You can also store an ID from your identity provider as an externalId. You can find more details about our SCIM API and all supported attributes here. If you need to get an idea of how to handle roles in your identity provider check out how it’s done in Okta.
    Enable SCIM provisioning in your identity provider for Productboard application. The base URL for our SCIM API is https://api.productboard.com/scim/v2. We support Users (members in Productboard) read, create and update. We don’t support deletion, but you can deactivate members by setting "active": false. For users, you can also store an ID from your identity provider as an externalId. We also support Groups (teams in Productboard) read, create, update and delete. You can find more details about our SCIM API and all supported attributes here. If you want to understand how to handle roles in your identity provider, check out how it's done in Okta.
  3. For authentication, you can choose between generating an Access token and using OAuth2.
    For OAuth2, see the article How to integrate with Productboard via OAuth2 - developer documentation
    For Access token go to https://<your_workspace>.productboard.com/ , then to Integrations under Profile menu. Find the Public API section and generate and copy the Access token. Paste the token to the Authorization field in Okta.
    Screenshot_2022-12-30_at_14.00.25.png
    Screenshot_2022-12-30_at_14.02.47.png

See also

Was this article helpful?
1 out of 3 found this helpful

Comments

0 comments

Article is closed for comments.

Articles in this section

See more
Our Support hours:
Monday to Friday from 9:00 am - 2:00 am CET. Monday to Friday from 0:00 am - 5:00 pm PST.
Productboard Academy
Become a Productboard expert with self-paced courses, quick tip videos, webinars and more.
Product Makers Community
Connect with product leaders, share and find product jobs, and learn how to approach similar challenges. Come join our Product Makers community.