Setup

The following are the setup requirements for SCIM Connector.

  • SCIM Connector Installation Requirements

  • Minimum System Requirements

  • Account Permissions

SCIM Connector Installation Requirements

The Delinea System for Cross-Domain Identity Management (SCIM) connector is a Web application that can be installed on a server machine, which exposes SCIM-defined endpoints and Secret Server APIs.

If the previously installed SCIM version is 4.0 or above and you want to upgrade the SCIMConnector version, download and install the latest MSI file. The installation will back up the configuration file and restore it after replacing the SCIMConnector. If you encounter an issue while upgrading to the latest version, or if your version is below SCIM 4.0, uninstall the previous version first. During installation, the new version automatically replaces the old one without requiring an explicit update button.

Before installing the SCIM connector you should have:

  • Secret Server Local Administrator Account.
  • Secret Server Application Account.

  • Windows 2012R2, 2016 or 2019 Server with:

    • IIS Web Server ASP.Net Core Hosting Bundle (for Windows, it is required to install the Hosting Bundle, which includes .NET Runtime and IIS support. Also, IIS must be installed prior the Hosting Bundle installation. The Hosting Bundle might require a repair if you run it first).
    • The ability to connect to Secret Server (use the browser on the web server you intend to install SCIM Connector on and log into Secret Server to ensure the Web Server can connect to the Secret Server Server/Website).
    • The ability to connect to SCIM Endpoints (for example, Sailpoint and Okta).
    • The account information to connect to each SCIM Endpoint.
    • URL to SCIM Endpoint.

Minimum System Requirements

To install and run the SCIM Connector as a Web application in your environment, Delinea recommends installing the SCIM Connector on a server machine that meets at least these requirements.

Hardware Details
Storage 300 MB of free space
Drives 7200 RPM IDE drives
Processor 2 GHz Pentium 4 CPU
Memory 4 GB RAM
Software Details
OS Windows Server 2012/2016/2019
IIS Enabled
Framework .NET 6.0
Browsers Chrome, Edge, Firefox, IE
License Valid Secret Server licenses: Professional or Platinum

Account Permissions

You must have a Local Administrator Account to initially set up the SCIM Connector and connect it to the Secret Server.

If you use Secret Server via the platform:

  • You must use a platform administrator account to set up the SCIM connector and connect it to the Secret Server. However, ensuring that this account has all Secret Server administrator permissions is crucial.

  • For the SCIM Connector, use a platform service account (the same as the Application Account in Secret Server) to configure the Secret Server.

The Application Account used in the SCIM Connector must have the following permissions:

  • Add Secret
  • View Users
  • Administer Folders
  • Administer Groups
  • Administer Reports Administer Secret Templates
  • Administer Users
  • Create Root Folders
  • Deactivate Secret
  • Edit Secret
  • Own Secret
  • View Advanced Secret Options
  • View Secret
  • Administer Role Assignment
  • Bypass Direct API Authentication Role
  • View Roles

    alt

Refer to the instructions in Bypass Direct API Authentication Restrictions.