What is SCIM
SCIM, short for System for Cross-domain Identity Management, is an open standard for the automated provisioning of user accounts. Using the SCIM protocol, the exchange of data related to user identity between identity providers (enterprises) and service providers (SaaS applications) can be significantly simplified by managing accounts across platforms. Technically, SCIM is a combination of protocols based on JSON, REST, and various authentication method.
Benefits of SCIM
In summary, SCIM improves the security of user data and increases overall usability through automated life-cycle management of user accounts.
Today, organizations use more and more different applications and software that have one thing in common: For each user, an individual account with individual authorizations has to be created. Especially when introducing new software products, when there is high employee turnover or simply due to growth (employee hiring), the coordination of user accounts alone ties up a lot of resources in the IT department: Requests for new creation; deactivation or deletion of accounts or adjustment of user data take up a lot of valuable time.
This is where SCIM comes in and simplifies account management. By storing user data in a standardized way, different applications such as GOBENCH can retrieve and use this data. This automates the so-called provisioning process.
For example, when a new employee joins a company, a new user account can be automatically created with predefined roles and permissions. At the same time, employees benefit from single sign-on (SSO) and do not have to remember different passwords for each application they access. This also reduces the workload of the IT department, as password reset requests are reduced by up to 50%. Changes to user data are also checked and, if necessary, synchronized in real time in the applications. When an employee leaves the company, user accounts can be automatically deleted or deactivated.
SCIM and Corporate Security
Automated processes can also be used to enhance enterprise security. By automatically assigning roles and permissions, IT managers can have a better overview of the applications used by the organization and the user accounts created in them, thus ensuring compliance with defined security policies.
Even when a department changes, permissions are immediately rechecked and the user account is adjusted accordingly, so that access is only granted where it is allowed and approved - without the need of manual adjustment. The automated login without own passwords also prevents employees from exchanging passwords with each other in order to gain access to protected areas. It also eliminates the risk of using the same passwords for different tools.
SCIM can also support compliance with data protection regulations. The minimum principle applies: only as much information is transferred from the identity provider to the application as is necessary to ensure the automation described. In addition, users have the right to have data that is no longer needed deleted - such as user accounts when they have left the company.
Support of the Standard by GOBENCH
GOBENCH 2.0 now also supports the open standard SCIM. With SCIM, you can seamlessly synchronize user information and rights between GOBENCH and your identity provider. This means less manual work and more efficiency in user management e.g. through automatic creation, activation and deactivation of user accounts; synchronization of user data in real-time as well as automated assignment of users to specific GOBENCH user groups.