Setup Guide to configure Automatic User Provisioning ( SCIM ) into Drupal with CyberArk

Setup Guide to configure Automatic User Provisioning ( SCIM ) into Drupal with CyberArk


The System for Cross-domain Identity Management (SCIM) is an open standard HTTP based protocol for automating the exchange of user identity information between identity domains, or IT systems. SCIM aims to simplify user provisioning and management in the cloud. For example, as an Identity Provider add, update and delete the user, they are added, updated and removed from the Drupal User Profile. To achieve this functionality CyberArk provides the User Provisioner with SCIM standard.

If your users are using both CyberArk and Drupal website, it is preferred to have all users updated in Drupal site without login each time to update user list. miniOrange provides a solution which allows user provisioning into Drupal website using SCIM standard.

miniOrange provides a solution by introducing a Drupal module to support CyberArk User Provisioning and allows user to access your website by using their CyberArk account credential to login into Drupal. SCIM User Provisioner module also allows provisioning with custom Providers. SCIM User Provisioner module works with any IDP that conforms to the SCIM standard.

Features and Pricing

Know more about Drupal Cross-Domain User Provisioning (SCIM) from here.

Pre-requisites: Download

You can download the Drupal User SCIM Provisioning module, please contact us.

Follow the steps below for configuring CyberArk SCIM user provisioning in Drupal

1. Drupal SCIM User Provisioning

  • Login into your Drupal console.
  • Install and activate the MiniOrange SCIM User Provisioning module on your Drupal site.
  • Go to the miniOrange SCIM module and navigate to the SCIM Configuration tab.
  • You can find SCIM Base URL and SCIM Bearer Token in the SCIM Configuration tab of the module and keep it handy.
  • Drupal SCIM User Provisioning - Copied SCIM Base URL & SCIM Bearer Token keep it handy

Note: These information are required to configure your application CyberArk as IDP.

2. Automated User Provisioning with CyberArk

  • Login into your CyberArk Admin Console.
  • cyberark cross domain provisioning (scim) - login into cyberark

    Note: You can setup Single Sign-On (SSO) into Drupal as SAML SP with CyberArk as IDP by following the steps give here.

  • Click on the Provisioning tab.
  • Select Enable provisioning for this application then click on Save.
  • cyberark cross domain provisioning (scim) - select provisioning
  • Open a popup SCIM Provisioning window then click on Yes button.
  • cyberark cross domain provisioning (scim) - ensure your application support scim and click yes in scim provisioning window
  • Select Preview and Live Mode.
  • cyberark cross domain provisioning (scim) - select preview and live mode
  • Enter SCIM Base URL in the SCIM Service URL text field.
  • cyberark cross domain provisioning (scim) - enter scim service url
  • Select Authorization Type.
  • Note: The Authorization Type determines what information is required and where to find the information.

    cyberark cross domain provisioning (scim) - enter authorization type
    OAuth 2.0 This Authorization Type uses a workflow to authorize access. The Authorization Header directly provides credentials.
    Authorization Header Required choosing a header type
  • In Authorization Type fill all the reuired information:
    • If you choose OAuth 2.0 required infromation from here.

      • Authorize URL: Copy and paste Authorize url from the Configure OAuth tab in the Drupal OAuth/OpenId connect client module
      • Access Token URL: Copy and paste Authorize url from the Configure OAuth tab in the Drupal OAuth/OpenId connect client module
      • Client ID: Copy and paste Client ID from the Configure OAuth tab in the Drupal OAuth/OpenId connect client module
      • Client Secret: Copy and paste Client Secret from the Configure OAuth tab in the Drupal OAuth/OpenId connect client module
      • Scope: Copy and paste Scope from the Configure OAuth tab in the Drupal OAuth/OpenId connect client module
    cyberark cross domain provisioning (scim) - enter oauth 2.0
    • Authorization Header
      • If you select Authorization Header require you to choose Header Type.
      • Select Bearer Token if your app requires the header in the format: Bearer .
      • Select Basic if your app requires authentication in the format: HTTP BASIC.
      • Select Direct if your app uses some other format.
    cyberark cross domain provisioning (scim) - enter oauth 2.0
  • Select Bearer Token.
  • Copy SCIM Bearer Token from the SCIM Configuration tab and paste the Bearer Token text field.
  • Click on Verify and Save button to save your SCIM Provisioning information.
  • cyberark cross domain provisioning (scim) - enter oauth 2.0

24*7 Active Support

If you face any issues or if you have any questions, please feel free to reach out to us at drupalsupport@xecurify.com. In case you want some additional features to be included in the module, please get in touch with us, and we can get that custom-made for you. Also, If you want, we can also schedule an online meeting to help you configure the Drupal SCIM User Provisioning module.

Additional Resources

Our Other modules

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com