Contents x
    OneLogin SCIM Integration Guide for Scalefusion
    • 16 Oct 2025
    • 3 Minutes to read
    • Print
    • PDF
    Contents

    OneLogin SCIM Integration Guide for Scalefusion

    • Updated on 16 Oct 2025
    • 3 Minutes to read
    • Print
    • PDF
    Article summary

    This guide walks you through setting up the SCIM integration with Scalefusion and provisioning users and groups via OneLogin.

    Pre-requisite

    1. SCIM Connector should be configured on Scalefusion Dashboard.

    Step 1: Set Up the SCIM Application in OneLogin portal

    1. Log in to your OneLogin portal, navigate to Applications, and click Add App.

    2. Search for SCIM Provisioner with SAML (SCIM v2 Enterprise) and select it.

    3. Enter a name and click Save.

    4. Once you save, you will see more sections to add data from the Scalefusion dashboard.

    5. Go to the Configuration tab, scroll down to API Connection, and enter the following details:

      1. SCIM Base URL: Copy the SCIM API Endpoint URL from the Scalefusion dashboard and paste it here.

      2. SCIM JSON Template: Copy-paste the following JSON payload here.

        {
  "schemas": [
    "urn:scim:schemas:core:1.0"
  ],
  "userName": "{$parameters.scimusername}",
  "emails": {
    "value": "{$user.email}",
    "type": "work",
    "primary": true
   },

  "name": {
    "givenName": "{$user.firstname}",
    "familyName": "{$user.lastname}",
    "formatted": "{$user.display_name}"
  },
  "phoneNumbers": [
    {
      "primary": true,
      "value": "{$user.phone}"
    }
  ]
}

      3. SCIM Bearer Token: Copy the Bearer Token from the Scalefusion Dashboard and paste it here.

      4. Next, click Enable and Save it.

    6. Next, go to Provisioning and select the Enable Provisioning checkbox under Workflow.

    7. Uncheck the “Create user, Delete user, and Update user” checkboxes under “Require admin approval before this action is performed”.

    8. Click Save.

    Step 2: Add Role & Map SCIM App to that Role

    1. Navigate to Users > Roles and click New Role.

    2. Enter a name for this role and select the App created previously. Click Save.

    3. Next, go to Users and click New Mapping.

    4. Enter a name for this mapping.

    5. Under Conditions, select an element from the dropdown list, for example, Department equals <name of the department> whose users will be mapped to the SCIM app.

    6. Under Actions, select Set role and select the SCIM app created previously for Scalefusion.

    7. Click Save.

    8. If this condition is met, then the users will be automatically synced to Scalefusion.

    Step 3: Sync Users & Groups

    1. Navigate to Users and click New User.

    2. Enter the user's details, ensuring they match the conditions specified in the Mapping. For example,

    3. All the users that match the mapping will be synced to the Scalefusion dashboard.

    4. To sync group(s), navigate to Users > Groups and click New Group.

    5. Once the group is created, navigate to Applications > the SCIM app you created previously.

    6. Go to Rules and click Add Rule.

      1. Enter a name for this rule.

      2. Click the plus sign under Condition to add a condition in this rule.

        1. Select Role from the dropdown list, select include, and select the Role that you created previously for this SCIM app.

      3. Under Actions, search for group and select Set Groups in <your group’s name>.

      4. Next, select For each role with the value that matches .*

      5. Click Save.

    7. Next, go to Parameters and ensure that “Configured by Admin” is selected.

    8. Go to Groups on this page.

      1. Select “Include in User Provisioning” and click Save.



    9. Click More Actions on the top right-hand side of the page and click “Reapply entitlement mappings”.

    10. Once this is done, you will be able to see the Group synced to the Scalefusion dashboard.

    11. The synced group(s) will also be visible in the User Groups section on the Scalefusion dashboard.

    12. Users who are part of this group will also be visible within the group.

    This completes the SCIM app configuration and mapping of users and groups to it. The group and its users will now sync to the Scalefusion dashboard. Once synced, the group and its users will appear in the Scalefusion dashboard.

    • If individual users are provisioned, they will be listed under the User Enrollment section.

    • When a group is provisioned, both the group and its associated users will appear under the User Groups section. The associated users will also be listed under the User Enrollment section.

    Important Points to Note

    • The SCIM JSON payload must accurately map your identity attributes (email, phone, name) for Scalefusion to interpret correctly.

    • Enabling only required provisioning actions (create, update, delete) reduces unintended side effects.

    • Always test with one user first before bulk provisioning.

    • If you make any changes to the existing application, you need to reapply the mappings by going to More Actions > Reapply entitlement mappings.

    Was this article helpful?
    What's Next
    Ambitious companies around the world trust Scalefusion to secure and manage endpoints including smartphones, tablets, laptops, rugged devices, POS, and digital signages. Our mission is to make Device Management simple and effortless along with providing world class customer support.
    By Business Initiative
    Top Features
    Existing Users
    Connect With Us
    Sales and Support
    Copyright © 2023 Scalefusion. All rights reserved.