env zero now supports SCIM 2.0 (System for Cross-domain Identity Management), enabling your Identity Provider (IdP) to automatically provision and deprovision users. Instead of relying on login-time syncing, SCIM keeps your user directory in sync continuously - access is granted or revoked as soon as changes happen in your IdP.Documentation Index
Fetch the complete documentation index at: https://docs.envzero.com/llms.txt
Use this file to discover all available pages before exploring further.
What’s new
Automatic user provisioning and deprovisioning
- Users are created in env zero as soon as they are assigned in your IdP
- When a user is removed or deactivated in your IdP, their access to env zero is revoked immediately
- No manual user management required - your IdP is the single source of truth
Self-service setup from the UI
- Configure SCIM directly from Organization Settings > SSO after setting up an SSO connection
- Generate a SCIM bearer token and endpoint URL with a single click
- Works alongside your existing SAML or Azure AD SSO configuration
Supported identity providers
- Okta - native SCIM 2.0 integration
- Microsoft Entra ID (Azure AD) - native SCIM 2.0 integration
- Any identity provider that supports the SCIM 2.0 standard
Why this matters
- Security and compliance - user access is revoked the moment they leave the organization, with no manual cleanup needed
- Operational efficiency - eliminate manual user provisioning across your infrastructure platform
- Auditability - deprovisioning events are logged in the audit trail
How to get started
- Ensure you have an SSO connection configured (SAML or Azure AD)
- Navigate to Organization Settings > SSO
- In the SCIM Provisioning section, click Generate SCIM Token
- Copy the endpoint URL and bearer token into your identity provider’s SCIM configuration