SCIM (System for Cross-domain Identity Management) is an open standard that automates the exchange of identity information between an identity provider (corporate directory, SSO solution) and business applications. Its goal: to create, update, deactivate, and delete user accounts centrally, without manual intervention in each piece of software.
In practice, SCIM defines a standardized data schema (users, groups) and a JSON REST API to manipulate it. When an employee joins the company, the directory automatically creates their account in every connected application: this is provisioning. When they leave, their access is revoked everywhere: this is deprovisioning. This is what we call identity lifecycle management.
This mechanism reduces data-entry errors, quickly closes orphaned accounts — a major security concern — and eases compliance, notably with the GDPR, by ensuring that only authorized people hold an active account. SCIM is generally paired with federated authentication (SSO) and protocols such as OAuth.
eyeot supports SCIM 2.0, which makes it possible to automatically synchronize accounts from the company directory and avoid managing access in two places. This capability is part of the platform's integrations.