Blog

Take control of user management with Cloudsmith's new SCIM capabilities

Jan 16 2024/Security/2 min read
Picture of Alison Sickelka
by Alison Sickelka
Cloudsmith announces expanded support for System for Cross-domain Identity Management (SCIM) for user management and enhanced software supply chain security

Your software artifacts are your intellectual property; that’s why Cloudsmith is built to put you in control. Cloudsmith provides a flexible, powerful permissions system and integrates with your identity provider to control authentication, team membership and manage your users' lifecycle. 

Managing users across hundreds of applications and systems can be a painful process, though. And we want Cloudsmith to be the artifact management platform of choice for enterprise customers. So we are pleased to let you know that we are expanding on the System for Cross-domain Identity Management (SCIM) capabilities in Cloudsmith. By integrating Cloudsmith with your identity provider (IdP) via SCIM, you can automate provisioning and de-provisioning users in Cloudsmith, letting your IdP serve as your single point for managing user access in Cloudsmith. 

What is the System for Cross-domain Identity Management (SCIM)?

SCIM, or System for Cross-domain Identity Management, is an open standard designed to manage user identity information. SCIM communicates user identity data between IdPs such as Okta, JumpCloud or Azure AD, and service providers requiring user identity information (such as enterprise SaaS apps, like Cloudsmith). SCIM uses RESTful APIs to transfer user data between systems.

How is SCIM different to SAML?

SAML is primarily used for single sign-on (SSO) authentication between applications and systems. SAML enables users to log in once to a single system, proving they are who they say they are, and then access multiple other systems without having to log in again.

Where SCIM differs is that it is API-based, not login-based. When changes to identities are made in the IdP, including create, update, and delete, they are automatically synced to the service providers (like Cloudsmith) according to the SCIM protocol. For end users, this means that they have seamless access to applications for which they’re assigned, with up-to-date profiles and permissions.

Get Early Access to SCIM on Cloudsmith Now

To demonstrate our commitment to providing enterprises with the control they need, we are offering early access to SCIM provisioning and de-provisioning capabilities. By participating in the early access program, you get an exclusive opportunity to explore these capabilities firsthand and shape the final release with your feedback.

To sign up for early access, please reach out to support@cloudsmith.com. We look forward to partnering with your enterprise on this journey of enhanced control and efficiency.

Thank you for choosing Cloudsmith as your trusted platform. Stay tuned for more updates as we continue to empower enterprises with cloud-native artifact management.

Get our next blog straight to your inbox