[Start Here] SCIM - The Basics

AnaplanOEG
edited December 2022 in Best Practices

Are you using Central Identity Management (CIM) and want to connect Anaplan directly to your Identity Management System (IDMS)? Are you facing challenges with a Security audit? Would you like to add Anaplan to your corporate User Provisioning process?

If any of the above questions describe even a part of your Anaplan experience, then you are ready to learn more about how the launch of SCIM will help you!

The recent launch of the SCIM feature is part of a series of CIM launches that will enhance Anaplan’s support of your User Provisioning process.

What benefits does SCIM unlock?

SCIM enhances user provisioning in two ways. First, it allows you to integrate SCIM-compliant Identity Management Systems (like Okta) directly with the Anaplan Tenant Administration console. SCIM also enables customer-side developers to integrate their applications with the Anaplan Tenant Administration console to extend and refine complex user provisioning solutions.

SCIM allows

Benefit

Why that is import

Direct integration with SCIM-compliant IDMS (e.g. Okta)

Improves efficiency by allowing incremental user creation and updates via a company’s standard User Provisioning process.

SCIM API capability enables customer-side application development

Streamlines and improves data integration between customer-created user management models and Anaplan CIM

Who Is It for and Why?

Three key personas will benefit most from SCIM:

  • Anaplan Admin, will analyze the current user provisioning process and determine where and how SCIM can be deployed across models to enhance user provisioning
  • Security Admin, will provide guidance on working with the IDMS team and expertise on satisfying internal Security policies on user provisioning
  • Integrations Developer, will interpret the Anaplan Admin’s recommendations and set up the automation and scheduling of the SCIM APIs. These APIs will be used to help enforce governance, and reduce the demands on the model builders.

Use Case Examples

SCIM is wholly focused on the User Provisioning process. It is best suited for team members that directly implement and support the management of users within Anaplan models. SCIM is intended for customers that have SCIM-compliant IDMS or are comfortable independently working with APIs and Anaplan. Below are two of examples of how some organizations may leverage SCIM.

Integrate with a SCIM-compliant IDMS (like Okta, for example)

SCIM provides the ability for an IDMS administrator to configure the customer IDMS to integrate directly with the Anaplan Tenant Administration console. This capability allows the IDMS administrator to add individual users to Anaplan and to assign them to a workspace. Note that user Role and Selective Access configurations must still be made within the Anaplan model.

Develop Custom Integrations with Anaplan Tenant Administration via API 

SCIM creates the ability for customers to use the SCIM API to integrate with the Anaplan Tenant Administration console. This may be valuable in integration cases where a customer has a trusted source of identity that does not allow for direct integration via the SCIM standard. 

Guidelines and Considerations

SCIM is intended to support an existing User Provisioning process rather than provide a user provisioning solution. Since user provisioning has common elements across customers and is typically governed by the customer's Security policies, you can get started today by mapping your existing User Provisioning processes to identify where SCIM would be most beneficial in supporting Security compliance and streamlining your User Provisioning process. SCIM is best considered as a component of the CIM roadmap. Combining SCIM with other CIM elements is highly recommended.

Here are some links that will provide more information:

Conclusion

SCIM provides an important capability for transforming existing model-level User Provisioning processes into enterprise-scale User Provisioning processes.

 

Ready to go to the next step?

Check out our SCIM Use Case example.

 

Got feedback on this content? Let us know in the comments below.

Contributing author Anne-Julie Balsamo.

Comments

  • Hi, Thank for this article. But could you explain what that means SCIM ? And, what are the different between SCIM and CIM ?

  • Hi @OlivierG -

    If you'd like to learn more about what SCIM is and how it relates to CIM, please take a look at the "Related Content' articles that we've assembled. You can find the links on this article page, on the right-hand side, about halfway down. I recommend starting with the three User Access Management articles and then follow those with the SCIM APIs use case. If you still have questions, feel free to ask a follow-up here!

     

    Thanks,

     

    Ernie