Enable or Disable SCIM Synchronization in CloudSSO-CloudSSO(CloudSSO)-阿里云帮助中心

Synchronize users or groups from an external IdP that supports System for Cross-domain Identity Management (SCIM) 2.0 to CloudSSO. Enable or disable SCIM synchronization and obtain the SCIM endpoint in the CloudSSO console.

Enable SCIM synchronization

Enable SCIM synchronization before you synchronize users or groups from an external IdP to CloudSSO.

You must also create SCIM credentials. Create an SCIM credential.

Log on to the CloudSSO console.
In the left-side navigation pane, click Settings.
On the User Setting tab, in the SCIM User Synchronization Configuration section, turn on the SCIM synchronization switch.

After you turn on the switch, you cannot modify or delete SCIM-synchronized users and groups, or add or remove users from SCIM-synchronized groups.

Obtain the SCIM endpoint

On the User Setting tab, in the SCIM User Synchronization Configuration section, view or copy the SCIM Endpoint. Use this endpoint to configure SCIM synchronization in your external IdP.

Note

If you enabled the accelerated URL feature, use the SCIM Endpoint (Accelerated) to configure SCIM synchronization in your external IdP instead. Accelerate access to CloudSSO.

Disable SCIM synchronization

On the User Setting tab, in the SCIM User Synchronization Configuration section, turn off the SCIM synchronization switch.

After SCIM synchronization is disabled:

You cannot synchronize users or groups from an external IdP to CloudSSO.
You can modify or delete SCIM-synchronized users or groups.

Note
If you re-enable SCIM synchronization, modifications to synchronized users or groups may be automatically rolled back, and deleted synchronized users may reappear.