Skip to main content
Enterprise Edition FeatureThis feature requires an Enterprise plan. View plans or contact sales to learn more.
Configure Gorbit with SCIM 2.0 to automatically provision and deprovision users and groups from your identity provider. Gorbit has been tested with Okta and Microsoft Entra ID (Azure AD). Other SCIM 2.0 providers have not been validated yet. If you need support for a specific provider, reach out on our Slack or Discord channels and we can add it to the roadmap.
SCIM handles provisioning — syncing users and groups into Gorbit. You still need a separate authentication method (e.g. OIDC or SAML) for user sign-in.

What SCIM Does

  • User provisioning — Automatically create Gorbit accounts when users are assigned in your IdP
  • User deprovisioning — Deactivate Gorbit accounts when users are unassigned or suspended
  • Group sync — Push group membership changes from your IdP to Gorbit
  • Profile updates — Keep user attributes (name, email) in sync

Generate a SCIM Token

Before configuring your identity provider, generate a SCIM bearer token in Gorbit.
1

Navigate to SCIM Settings

In your Gorbit instance, go to the Admin PanelPermissionsSCIM.
2

Generate Token

Click Generate SCIM Token. A new bearer token will be created for your IdP to authenticate with.
The token is displayed only once. Copy or download it immediately. Generating a new token will revoke the previous one.
You will need these two values when configuring your identity provider:
FieldValue
SCIM Base URLhttps://YOUR_GORBIT_DOMAIN/scim/v2
Bearer TokenThe token generated above

Configure Your Identity Provider

Use the SCIM Base URL and Bearer Token from the previous step when configuring provisioning in your IdP.
https://mintcdn.com/gorbit/qYeWoSrsnkRPFQDm/assets/icons/okta.svg?fit=max&auto=format&n=qYeWoSrsnkRPFQDm&q=85&s=98060144dc3fe057b97e3fb03b27c979

Okta

Follow Okta’s guide to add SCIM provisioning to your application

Microsoft Entra ID

Follow Microsoft’s guide to configure automatic provisioning
When prompted for connection details, use:
IdP FieldValue
SCIM Base URL / Tenant URLhttps://YOUR_GORBIT_DOMAIN/scim/v2
AuthenticationBearer token (HTTP Header)

Verifying the Connection

Once provisioning is configured, the SCIM page in the Gorbit Admin Panel will show a Connected status once the IdP has made its first request. You can also check the Users and Groups page to confirm that provisioned users and groups appear correctly.