Why spend countless weeks or months every time you need to implement a new SAML connection?

SSO Easy's EasyConnect SAML solutions eliminates the time, cost, complexity and risk of SAML implementations.

SCIM for On Premise AD (Active Directory)

SCIM for On Premise AD / Active Directory - SCIM User Provisioning From AD Server To Any SCIM Compliant SaaS Solution(s)

Award-Winning "SCIM for On Premise AD / Active Directory" enables System for Cross-domain Identity Management (SCIM) User Provisioning to ANY SCIM COMPLIANT SaaS solution. Clients are able to leverage existing Microsoft On Premise Active Directory (AD) server(s).  SCIM for On Premise Active Directory, from SSO Easy, allows organizations to better manage user subscriptions and fees, without having to upgrade from their existing Microsoft On Premise Active Directory implementation.  Organizations improve centralized security, while reducing operating costs.

With the SCIM For On Premise AD / Active Directory Solution, SSO Easy customers can:

  • Leverage SCIM (System for Cross-domain) protocol
  • Leverage current MSFT Active Directory Federation Services (ADFS)
  • ....or.... Leverage SCIM for On Premise Active Directory server(s) function
  • Enable SCIM User Provisioning with ANY / ALL SCIM compliant SaaS vendors

SSO Easy's SCIM for On Premise Active Directory Solution implementations are:

  • Robust and scalable
  • Quick
  • Easy
  • Cost-effective

Free Trials are available.

With proper planning and coordination, Free Trials are typically completed in less than 15 minutes.

SCIM for On Premise Active Directory - User Experience - SCIM User Provisioning

With SCIM for On Premise Active Directory User Provisioning, users experience the following:

  • Users login to their local On Premise Active Directory server(s)
  • On Premise Active Directory servers leverage SCIM, using SSO Easy's integrated SCIM for On Premise Active Directory solution
  • SCIM protocols are shared with any SCIM compliant SaaS solution provider's app on their side
  • User gains SCIM enabled access to the external SaaS service

SCIM Overview - SCIM for On Premise AD Active Directory - Context 

What does SCIM Provisioning do for SCIM for On Premise AD / Active Directory?

"SCIM for On Premise Active Directory" leverages System for Cross-domain Identity Management (SCIM). SCIM is a set of application-level protocols that use JSON, REST, and several different authentication methods to automate the task of data provisioning. When implemented, SCIM allows a wide variety of user accounts to be created, updated, or deactivated with minimal effort. It transfers just enough information from the identity provider to the app so that the app can identify the user to ensure they can sign in and out easily across the applications they need.

Without SCIM, IT administrators would have to manually add identifying information needed by the application about users who are allowed to use the application. This manual process takes longer and has a higher margin for error. Using SCIM as a standard protocol for cloud-based applications and services solves this problem and streamlines the management of users, groups, and devices.

Explained another way, SCIM offers standards-based provisioning, automates the exchange of user ID data from one entity to the other (across domains), and maintains these accounts across platforms. It makes data available in an orderly and secure way to applications that users need and/or have permission to use. It helps govern the rights and permissions that have been established for each individual user for each of the organization’s secure resources.

How SCIM works

SCIM is a REST and JSON-based protocol that defines a client and server role. A client is usually an identity provider (IDP), like Active Directory, or AD, that contains a robust directory of user identities. A service provider (SP) is usually a SaaS app, like Box or Slack, that needs a subset of information from those identities. When changes to identities are made in the IdP, including create, update, and delete, they are automatically synced to the SP according to the SCIM protocol. The IdP can also read identities from the SP to add to its directory and to detect incorrect values in the SP that could create security vulnerabilities. For end users, this means that they have seamless access to applications for which they're assigned, with up-to-date profiles and permissions.

SCIM Benefits

There are various benefits of SCIM provisioning, including:

  • Improve SaaS user management via self-service
  • Eliminate excess SaaS user fees
  • Automate user onboarding and offboarding
  • Centralize identity management
  • Reduce operational costs
  • Eliminate manual errors
  • More comprehensive SSO management

With SCIM, admins no longer need to manually create and delete user accounts in web apps -- which saves them valuable time and reduces the chance for errors in the authorization levels granted to users.

About SSO Easy

"SCIM for On Premise Active Directory" is an Award-Winning solution from SSO Easy. Founded in 2010, SSO Easy is a leader in cloud based Identity and Access Management (IAM) solutions. SSO Easy's Single Sign On and SCIM User Provisioning solutions are deployed in production by thousands of clients, enables secure and seamless Single Sign On for millions of users, who access thousands of SaaS services and internal applications.  SSO Easy solutions, which leverage industry standard protocols, including SAML and SCIM, are implemented quickly, easy, and cost-effective.  Free Trials of SSO Easy solutions are available -- typically completed in 1 hour or less.

About On Premise Active Directory (AD) - Summary

On Premise Active Directory (AD) is a database and set of services, made by Microsoft, that connect users with the network resources they need to get their work done.

The database (or directory) contains critical information about your environment, including what users and computers there are and who's allowed to do what. For example, the database might list 100 user accounts with details like each person's job title, phone number and password. It will also record their permissions.

The services control much of the activity that goes on in your IT environment. In particular, they make sure each person is who they claim to be (authentication), usually by checking the user ID and password they enter, and allow them to access only the data they're allowed to use (authorization).

Please fill out the form below to learn more about our solutions