docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
docs/content/security/for-admins/scim.md

56 lines
2.2 KiB
Markdown
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

---
description: System for Cross-domain Identity Management
keywords: SCIM, SSO
title: SCIM
direct_from:
- /docker-hub/company-scim/
- /docker-hub/scim/
- /admin/company/settings/scim/
- /admin/organization/security-settings/scim/
---
This section is for administrators who want to enable System for Cross-domain Identity Management (SCIM) 2.0 for their business. It is available for Docker Business customers.
SCIM provides automated user provisioning and de-provisioning for your Docker organization or company through your identity provider (IdP). Once you enable SCIM in Docker and your IdP, any user assigned to the Docker application in the IdP is automatically provisioned in Docker and added to the organization or company.
Similarly, if a user gets unassigned from the Docker application in the IdP, this removes the user from the organization or company in Docker. SCIM also synchronizes changes made to a user's attributes in the IdP, for example the users first name and last name.
The following lists the supported provisioning features:
- Creating new users
- Push user profile updates
- Remove users
- Deactivate users
- Re-activate users
- Group mapping
The following table lists the supported attributes. Note that your attribute mappings must match for SSO to prevent duplicating your members.
| Attribute | Description
|:---------------------------------------------------------------|:-------------------------------------------------------------------------------------------|
| userName | User's primary email address. This is the unique identifier of the user. |
| name.givenName | Users first name |
| name.familyName | Users surname |
| active | Indicates if a user is enabled or disabled. Can be set to false to de-provision the user. |
For additional details about supported attributes and SCIM, see [Docker Hub API SCIM reference](/docker-hub/api/latest/#tag/scim).
## Set up SCIM
You must make sure you have [configured SSO](single-sign-on/configure/_index.md) before you enable SCIM. Enforcing SSO isn't required.
{{< tabs >}}
{{< tab name="Docker Hub" >}}
{{% admin-scim %}}
{{< /tab >}}
{{< tab name="Docker Admin" >}}
{{< include "admin-early-access.md" >}}
{{% admin-scim product="admin" %}}
{{< /tab >}}
{{< /tabs >}}
Reference in New Issue View Git Blame Copy Permalink