SCIM Identity Management for SAML
Rokt uses Auth0 for user authentication. This guide outlines the steps to configure your Identity Provider's (IdP) SCIM client to integrate with Rokt's SCIM Server through Auth0.
1. Integrate with Rokt via SAML
Currently, Rokt supports activating the SCIM protocol only through SAML enterprise connections.
To integrate with SCIM you first need to set up a SAML connection.
2. Configure Your IdP for SCIM
To enable SCIM, you must map data from your IdP to Rokt's SCIM server. Specifically, Rokt's SCIM server needs access to the user's ID and active status from your client.
By default, Rokt expects the following fields in the SCIM request from your IdP:
Expected Fields in Client SCIM Request | Description |
---|---|
userName | Primary identifier for the user via SAML (email) |
active | Whether user should be active (true/false) |
If your data uses different field names or formats, you have two options:
- Update your IdP to map your data to the expected fields listed above, or
- Provide Rokt with a custom mapping from your fields to the expected field names.
Once you’ve decided on a mapping configuration, contact your Account Manager (AM) to notify them that you wish to enable SCIM and discuss any mapping needs.
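One way to check an IdP-side mapping before testing, as an added example that is not Rokt's or Auth0's code: it maps a directory record to the two expected fields and refuses ambiguous `active` values, because a string such as "False" is truthy in many languages and would leave a disabled user active. The source field names `mail` and `accountEnabled` and the accepted string spellings are assumptions.

```python
import re

# SCIM 2.0 core User schema URN (RFC 7643).
USER_SCHEMA = "urn:ietf:params:scim:schemas:core:2.0:User"
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")

# Hypothetical custom mapping: expected SCIM field -> field name in the IdP record.
CUSTOM_MAPPING = {"userName": "mail", "active": "accountEnabled"}

# Assumed string spellings an IdP might emit for the status flag.
_TRUE, _FALSE = {"true", "1", "yes"}, {"false", "0", "no"}


def to_bool(value):
    """Convert an IdP status value to a strict boolean; refuse anything ambiguous."""
    if isinstance(value, bool):
        return value
    text = str(value).strip().lower()
    if text in _TRUE:
        return True
    if text in _FALSE:
        return False
    raise ValueError(f"cannot interpret active value {value!r}")


def to_scim_user(record, mapping=CUSTOM_MAPPING):
    """Build a SCIM User body carrying the two expected fields."""
    missing = [src for src in mapping.values() if src not in record]
    if missing:
        raise ValueError(f"IdP record lacks mapped fields: {missing}")
    user_name = str(record[mapping["userName"]]).strip()
    if not EMAIL_RE.match(user_name):
        raise ValueError(f"userName must be the SAML email, got {user_name!r}")
    return {
        "schemas": [USER_SCHEMA],
        "userName": user_name,
        "active": to_bool(record[mapping["active"]]),
    }


if __name__ == "__main__":
    # Constructed sample records, not real users.
    for rec in ({"mail": "ana@example.com", "accountEnabled": "False"},
                {"mail": "bo@example.com", "accountEnabled": True}):
        print(to_scim_user(rec))
```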
3. Test Connections
Rokt will provide you with the following details to enable your SCIM connection:
- SCIM Base URL
- API Key
After successful testing, you can integrate and manage your active Rokt users via SCIM using the provided URL and API key.