
AWS SCIM Automatic Provisioning and Deprovisioning


AWS SCIM automatic provisioning creates accounts in a simplified, automated way and links an AWS user's account to their existing or new third-party apps. It automates provisioning of user identities across the applications that users need access to. You can enable automatic provisioning in Amazon Web Services (AWS) Identity Center for users using Active Directory credentials.

Automated user provisioning saves time when setting up new users and teams, and also manages access privileges through user lifecycle management. miniOrange can create, read, and update user accounts for new or existing users, remove accounts for deactivated users, and synchronize attributes across multiple user stores.

AWS SCIM User provisioning and deprovisioning actions are bi-directional, so you can create accounts inside an external application and import them into miniOrange, or alternatively create the accounts in miniOrange and then push them out to any linked external applications.

AWS SCIM automatic deprovisioning means deleting a user and removing their access from multiple applications and network systems at once. The deprovisioning action is triggered when an employee leaves a company or changes roles within the organization. Deprovisioning improves your organization's security profile by removing access to sensitive applications and content from people who leave your organization.


Automatic Provisioning & Deprovisioning Scenarios for Amazon Web Services (AWS) Identity center


miniOrange provides provisioning solutions for all user management (provisioning) scenarios, including AD integration, LDAP integration and automated provisioning for external applications such as AWS SCIM, Google Workspace, Workday, Salesforce, Microsoft apps, etc.



Follow the step-by-step guide below to set up automated AWS SCIM provisioning

1. Setup Provisioning for AWS SCIM

  • Open the AWS SSO Console.
  • Choose Settings in the left navigation pane.
  • On the Settings page, under Identity source, next to Provisioning, choose Enable automatic provisioning. This immediately enables automatic provisioning in AWS SSO and displays the necessary endpoint and access token information.
  • In the Inbound automatic provisioning dialog box, copy each of the values for the following options. You will need to paste these in later when you configure provisioning in your IdP.
    a. SCIM endpoint
    b. Access Token
  • Choose Close.

2. Add SCIM Configuration for AWS application in miniOrange

  • If you are using an external IdP and only want to enable provisioning through miniOrange:
    • Go to Apps >> Provisioning >> Create a SCIM 2.0 App for AWS.

  • If you want to enable both SAML authentication and SCIM:
    • Go to Apps >> SAML >> AWS.

    • In the Provisioning section, enter the SCIM Base URL and Bearer Token, using the SCIM endpoint and Access Token that you copied in step 1.

3. Add Attribute Mapping

  • In Add Attribute Mapping, map each required Target Attribute to the corresponding miniOrange Attribute. You can select either a Default User Profile Attribute or a Custom User Profile Attribute.

    Note: The givenName, familyName, userName, displayName, and email fields are required.

  • In Enable Provisioning Features, you can enable any of the listed features.

  • Click the Save button.

4. Create Group

  • Go to Groups > Create Group. Enter the Group Name and click the Create Group button to create the group.

5. Add Policy

  • In the Policies section, navigate to the Add Policy tab.
  • In the Select Application section, select the application you created in step 2.
  • In the Configure Settings section, select the group you created in step 4 and enter the policy name with the required login method.

  • Click the Save button.

6. Add Users

  • Go to Users > Add User.
  • Enter the user's details and the user will be created.

7. Assign Users

  • Go to Groups.
  • Assign the users to the group you created in step 4.
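
The following is an added example (not miniOrange or AWS code) of the kind of SCIM 2.0 requests a provisioning client sends to the SCIM endpoint copied in step 1: a create payload checked against the required attributes from the step 3 note, and a deactivation PATCH for deprovisioning. The function names, the sample user, the `example.invalid` endpoint and the `SCIM_ENDPOINT`/`SCIM_TOKEN` environment variables are assumptions; the schema URNs, PatchOp shape and content type follow RFC 7643/7644.

```python
import json
import os

# SCIM 2.0 schema URNs from RFC 7643 / RFC 7644.
USER_SCHEMA = "urn:ietf:params:scim:schemas:core:2.0:User"
PATCH_SCHEMA = "urn:ietf:params:scim:api:messages:2.0:PatchOp"
# Attributes the step 3 note lists as required.
REQUIRED = ("givenName", "familyName", "userName", "displayName", "email")


def build_scim_user(profile):
    """Map a flat IdP profile to a SCIM User; reject incomplete profiles."""
    missing = [k for k in REQUIRED if not str(profile.get(k) or "").strip()]
    if missing:
        raise ValueError("missing required attributes: " + ", ".join(missing))
    return {
        "schemas": [USER_SCHEMA],
        "userName": profile["userName"],
        "displayName": profile["displayName"],
        "name": {"givenName": profile["givenName"], "familyName": profile["familyName"]},
        "emails": [{"value": profile["email"], "type": "work", "primary": True}],
        "active": True,
    }


def deactivate_patch():
    """PATCH body that disables an account when a user is deprovisioned."""
    return {"schemas": [PATCH_SCHEMA],
            "Operations": [{"op": "replace", "path": "active", "value": False}]}


def scim_request(method, base_url, path, body, token):
    """Describe the HTTP request; the caller sends it with its own client."""
    if not base_url.lower().startswith("https://"):
        raise ValueError("SCIM endpoint must be HTTPS: every call carries the bearer token")
    return {"method": method,
            "url": base_url.rstrip("/") + "/" + path.lstrip("/"),
            "headers": {"Authorization": "Bearer " + token,
                        "Content-Type": "application/scim+json"},
            "body": json.dumps(body)}


if __name__ == "__main__":
    # Constructed sample values; the token is read from the environment, not source.
    base = os.environ.get("SCIM_ENDPOINT", "https://scim.example.invalid/tenant-id/scim/v2")
    token = os.environ.get("SCIM_TOKEN", "PLACEHOLDER_TOKEN")
    user = {"givenName": "Ana", "familyName": "Diaz", "userName": "adiaz",
            "displayName": "Ana Diaz", "email": "adiaz@example.com"}
    print(scim_request("POST", base, "Users", build_scim_user(user), token)["url"])
```

The access token from step 1 authorizes creating and disabling users, so keep it in a secret store or environment variable rather than in scripts or tickets.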



View Provisioning Reports

How to access Provisioning Reports?

  • Navigate to Reports in the left-hand navigation pane and select Provisioning Report.

  • Filter the reports by specifying the Enduser Identifier and Application Name criteria. Additionally, choose the desired timespan for the reports. Once done, click Search.

  • Alternatively, you can directly click on Search to retrieve all provisioning reports based on time without applying any specific filters.

