SCIM (System for Cross-domain Identity Management)

What’s New

Harvey now supports System for Cross-domain Identity Management (SCIM) in Early Access, enabling automated identity and access management across your organization.

Key capabilities include:

• Automated user provisioning: Create, update, and deactivate users directly from your Identity Provider (IdP)
• Role and group synchronization: Automatically sync roles, permissions, and group memberships
• Centralized identity management: Manage access to Harvey from your existing identity system
• Improved security and compliance: Enforce least-privilege access and reduce outdated or incorrect permissions
• Reduced administrative overhead: Eliminate manual onboarding and offboarding workflows

Why It Matters

SCIM introduces a standardized, automated approach to managing user access:

• Keep access accurate: User status, roles, and groups stay in sync with your organization
• Reduce risk: Automatically remove access when users leave or change roles
• Save time: Eliminate manual updates across users and teams
• Support enterprise requirements: Align with common identity and access management standards

How to Use

For Admins

1. Configure SCIM in your Identity Provider (for example, Microsoft Entra ID or Okta)
2. Enable SCIM provisioning for Harvey
3. Map:

   • Users
   • Roles
   • Groups
4. Test provisioning to confirm users and permissions sync correctly

For detailed setup instructions, see the SCIM Integration Guide.

Known Limitations

• Early Access only: Available to select organizations
• Admin configuration required: Must be set up through your Identity Provider
• IdP dependency: SCIM behavior depends on your Identity Provider configuration and mappings
• Supported providers (initial):

  • Microsoft Entra ID (Azure AD)
  • Okta

FAQ