In the August update, Bitwarden added support for the System for Cross-domain Identity Management (SCIM) standard for Enterprise plans. This new capability allows for seamless, automated provisioning of users from a centralized directory or identity management service. Identity providers supported at launch include Azure AD, Okta, OneLogin, and JumpCloud.
SCIM is an industry open standard protocol that enables the automation of management and exchange of user identity information across IT systems or domains. This simplifies the process for IT admins to onboard and manage users for any SaaS products, internal tools, and more.
Instead of manually creating an account for every tool when a new employee joins the company, an IT administrator can simply add the new user to their identity provider (IdP) or directory, which will use SCIM to automatically create the accounts across all services and tools for them. Importantly, SCIM also works in reverse; when a user moves to another department or leaves the company, the necessary accounts will be automatically closed, reducing potential security risks.
SCIM can also be used with groups to assign users specific roles in end-point software so they have access to job-specific tools. For example, someone joining the HR team would automatically be given the correct permissions to manage employee details in their newly created account in the company’s SaaS HR portal.
Bitwarden provides a SCIM endpoint that integrates with several services. From the SCIM Provisioning window, an admin can find the SCIM API Key and URL to share with the specific directory provider. Administrators of Bitwarden Enterprise plans can activate SCIM support and integrate their Bitwarden installation with any of the supported providers today.
SCIM support expands the abilities for businesses to sync their directories with Bitwarden, which also offers the Directory Connector as a standalone application. Enterprises now have the ability to choose the option that best suits their requirements:
SCIM support enables Bitwarden to receive updates from the IdP or directory at any time, such as new users and modifications to groups. It will automatically provision users when the IdP pushes a change.
The Bitwarden Directory Connector is a standalone application that actively syncs users and groups to a Bitwarden Organization from an existing directory service. Syncing only occurs when the application is running. It is compatible with a wide range of services and directory types.
If your organization is interested in learning more about adding password management to your enterprise security stack, you can talk to sales about your business needs, or start your 7-day enterprise free trial now.