Verify SCIM Server Settings in Secret Server

SCIM Connector stores its configuration settings and secret information in the connected Secret Server.

  • The Application account creates a root level folder named SCIM {hostname where SCIM Connector is installed}.

  • Access to SCIM Connector is based on access to the SCIM Connector Secret stored in Secret Server. Inside that folder, a secret is created called SCIMSecret {hostname where SCIM Connector is installed}. This secret is what grants access to the SCIM Connector User Interface.

  • To allow access to the SCIM Connector User Interface, share this secret with the user who should have access. Once they have access to the secret, they will be able to log into the SCIM Connector.

SCIM Connector SCIM Endpoint Information

SCIM Connector SCIM Endpoint Information is also stored in the SCIM {hostname where SCIM Connector is installed} folder. All information that is displayed in the SCIM Connector can be seen by selecting any of the associated secrets. This includes username, password, URL, Endpoint Name, and token information.

  • If your Secret Server password has expired and you attempt to log into the SCIM Connector, an error message will display.

  • To correct this error and log into SCIM Connector, you must log into Secret Server and reset your password.

  • Any Secret Server User can request access to SCIM Connector through Secret Server Workflow.

To grant access to the SCIM Connector, either share the SCIM Connector Secret with the Secret Server user who needs access, or have that user log into the SCIM Connector user interface and request access. Logging in through the SCIM Connector user interface leverages the built-in approval workflow and ensures proper auditing.

Access is initially limited to the Administrator setting up the SCIM Connector.

Grant access with extreme caution: the SCIM Connector has access to sensitive information from both Secret Server and the SCIM Endpoints.

Reasons to allow access include:

  • Adding a SCIM Endpoint and troubleshooting failed communication between a SCIM Endpoint and the SCIM Connector.

  • Gaining access to SCIM Connector by leveraging the Secret Server built-in workflow for proper auditing.

  • The person who needs access should log into the SCIM Connector using their Secret Server Username and password.

  1. Select Request Access to SCIM Connector > Pending workflow approval.

  2. A notice will display indicating permission is required to access the SCIM Connector.

  3. Select Request Access to SCIM Connector > Workflow approval in Secret Server.

  4. In Secret Server the Administrator will see the request from the Secret Server Home page. The Administrator can either approve or deny the request.

  5. Select Requesting Access to SCIM Connector > Approval Justification.

  6. When the Secret Server Administrator approves the request, the Secret Access Request Approval window displays.

  7. Add the justification to the approval and click Confirm Approval.

  8. Navigate to Requesting Access to SCIM Connector > User can now log into SCIM Connector.

    Once approved, the requestor has 2 days (by default) to access the SCIM Connector using their Secret Server Credentials. At this point, the user can add, delete, and modify any settings including server and endpoint settings.