Skip to main content

Configuring SCIM

Enabling SCIM in data.world

To enable SCIM in data.world:

Important

Only users with the Instance administrator permission can do this task. Please contact your instance administrator if you are not authorized to do this task.

  1. Before you enable SCIM make sure you have SSO enabled with Microsoft Entra (also known as Azure Active Directory) .

  2. Click your Profile icon on the right side of the top navigation.

  3. From the menu, select Admin portal.

  4. Browse to the SCIM Management page, and click the Enable SCIM button.

  5. You are asked to confirm your action. Click Enable SCIM to complete the activation.

  6. Once you enable SCIM you are presented with the SCIM Admin org and service token generated window.

    1. Note down the Service account token. You will require this while setting up SCIM in Azure. You will not be able to view or copy this token after you close this window.

    2. Also note a SCIM Admin Organization automatically gets created, which is used to manage SCIM administrators.

    3. Click the Copy and close button.

  7. You can now browse to SCIM Admin organization and view the members of the organization. The user who sets up SCIM and a service account are automatically added to this organization. Once you have provisioned SCIM user groups in data.world, you can add them to this organization if you want them to be SCIM administrators in the platform.

Configuring SCIM in Microsoft Entra

To configure SCIM in Microsoft Entra:

  1. Login in to Microsoft Entra account.

  2. In the Left navigation, browse to Identity > Applications > Enterprise applications.

  3. The Enterprise applications | All applications page opens. On this page, either open an already existing application that you have created for single sign-on with data.world, or create a new one. If you are using an existing application, skip to Step 8.

  4. To create a new application, click the New application button.

  5. On the Browse Microsoft Entra Gallery page, click the Create your own application button.

  6. On the Create your own application page that opens, set the following:

    1. What's the name of your app: Provide a name for the application.

    2. What are you looking to do with your application: Select Integrate any other application you don't find in the gallery (Non-gallery).

    3. Click Create. The newly created application page opens.

    The newly created application page opens.

  7. In the left navigation of the application page, browse to Manage > Single sign-on and configure SSO with data.world.

  8. In the left navigation of the application page, browse to Manage > Provisioning.

  9. On the Automate identity lifecycle management with Microsoft Entra page, click the Get started button.

  10. On the Provisioning page, set the following:

    1. Set the Provisioning Mode to Automatic.

    2. In the Admin Credentials section, in the Tenant URL field provide the URL as: https://api.data.world/v2/scim?aadOptscim062020. In the Secret Token field provide the service token you copied from data.world.

    3. Click Test connection. to make sure you configured everything correctly.

    4. Click Save.

Disabling SCIM in data.world

When you disable SCIM, the users and user groups will no longer be managed by your IDP. If you decide to renable SCIM, you will have to reconfigure SCIM in Microfoft Entra and data.world and you have to reprovision all the users and user groups again.

Warning

Use this option only under the guidance of the data.world team.

To disable SCIM:

  1. Click your Profile icon on the right side of the top navigation.

  2. From the menu, select Admin portal.

  3. Browse to the SCIM Management page, and click the Disable SCIM button.

  4. Confirm the deactivation.

In this section: