Merge branch 'main' into Update-Azure-docs-for-Azure-metrics-source-compatibility-(part-1)

Author: amee-sumo

blog-service/2025-05-08-manage.md

@@ -0,0 +1,14 @@
+---
+title: SCIM Provisioning (Manage)
+image: https://help.sumologic.com/img/sumo-square.png
+keywords:
+  - manage
+  - saml
+hide_table_of_contents: true    
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+We're excited to announce provisioning for Sumo Logic using SCIM (System for Cross-domain Identity Management). Now you can automatically provision and deprovision users in Sumo Logic with an identity provider like Microsoft Entra ID, Okta, or OneLogin.
+
+[Learn more](/docs/manage/security/scim/).

cid-redirects.json

@@ -1427,6 +1427,7 @@
   "/APIs/About-the-Search-Job-API": "/docs/api/search-job",
   "/APIs/Search-Job-API/Search-Job-API-Overview": "/docs/api/search-job",
   "/APIs/Search-Job-API/About-the-Search-Job-API": "/docs/api/search-job",
+  "/docs/api/search/search-job-api": "/docs/api/search-job",
   "/APIs/Service_Allowlist_Management_API": "/docs/api/service-allowlist",
   "/APIs/Tokens_Management_API": "/docs/api/token-management",
   "/APIs/Tracing_APIs": "/docs/api/tracing",
@@ -1441,6 +1442,7 @@
   "/APIs/Troubleshooting-APIs/Receiving-500-errors-when-using-the-Search-Job-API": "/docs/api/troubleshooting",
   "/APIs/Troubleshooting-APIs/Search-Job-API-Results-into-formatted-JSON-file": "/docs/api/troubleshooting",
   "/APIs/User-Management-API": "/docs/api/user-management",
+  "/Archive": "/docs/release-notes",
   "/Archive/Collector_Release_Notes_Archive": "/release-notes-collector",
   "/docs/api/collectors": "/docs/api/collector-management",
   "/docs/api/fields": "/docs/api/field-management",
@@ -3538,6 +3540,7 @@
   "/Other_Solutions/Work_from_Home_Solution": "/docs/observability/work-from-home-vpn",
   "/Other_Solutions/Work_from_Home_Solution/VPN_Monitoring_Resources_and_Tips": "/docs/observability/work-from-home-vpn",
   "/Other_Solutions/Software_Development_Optimization_Solution": "/docs/observability/sdo",
+  "/Release_Archive": "/docs/release-notes",
   "/Release_Archive/Collector_Release_Notes_Archive": "/release-notes-collector",
   "/Release_Archive/Quick-Start-Tutorial(deprecated)": "/docs/get-started",
   "/Release_Archive/Quick-Start-Tutorial(deprecated)/01_Sumo_Logic_Quick_Start_Tutorial": "/",
@@ -4310,6 +4313,7 @@
   "/docs/manage/partitions-data-tiers/manage-indexes-variable-retention": "/docs/manage/partitions/manage-indexes-variable-retention",
   "/docs/manage/partitions-data-tiers/decommission-partition": "/docs/manage/partitions/decommission-partition",
   "/docs/manage/partitions-data-tiers/data-tiers": "/docs/manage/partitions/data-tiers",
+  "/docs/manage/partitions/data-tier": "/docs/manage/partitions/data-tiers",
   "/docs/manage/partitions/data-tier/view-partition-details": "/docs/manage/partitions/data-tiers/view-partition-details",
   "/docs/manage/partitions/data-tier/data-tiers-faqs": "/docs/manage/partitions/data-tiers/faq",
   "/docs/manage/partitions-data-tiers/data-tiers-faqs": "/docs/manage/partitions/data-tiers/faq",

docs/api/index.md

@@ -196,14 +196,19 @@ Use the Sumo Logic Application Programming Interfaces (APIs) to interact with ou
 </div>
 <div className="box smallbox card">
   <div className="container">
-  <a href="/docs/api/scan-budget"><img src={useBaseUrl('img/icons/general/calendar.png')} alt="Thumbnail icon" width="50"/><h4>Scan Budget</h4></a>
+  <a href="/docs/api/scan-budget"><img src={useBaseUrl('img/icons/operations/data-volume.png')} alt="Thumbnail icon" width="50"/><h4>Scan Budget</h4></a>
   </div>
 </div>
 <div className="box smallbox card">
   <div className="container">
   <a href="/docs/api/scheduled-views"><img src={useBaseUrl('img/icons/general/calendar.png')} alt="Thumbnail icon" width="50"/><h4>Scheduled Views</h4></a>
   </div>
 </div>
+<div className="box smallbox card">
+  <div className="container">
+  <a href="/docs/api/scim-user"><img src={useBaseUrl('img/icons/general/session.png')} alt="Thumbnail icon" width="50"/><h4>SCIM User</h4></a>
+  </div>
+</div>
 <div className="box smallbox card">
   <div className="container">  
   <a href="/docs/api/search-job"><img src={useBaseUrl('img/icons/search.png')} alt="Thumbnail icon" width="50"/><h4>Search Job</h4></a>

docs/api/scim-user.md

@@ -0,0 +1,40 @@
+---
+id: scim-user
+title: SCIM User Management APIs
+sidebar_label: SCIM User
+description: Use HTTP endpoints to manage your SCIM configuration.
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+import ApiIntro from '../reuse/api-intro.md';
+import ApiRoles from '../reuse/api-roles.md';
+
+<img src={useBaseUrl('img/icons/general/session.png')} alt="Thumbnail icon" width="50"/>
+
+The SCIM User Management API allows you to provision users to Sumo Logic from [SCIM provisioning providers](/docs/manage/security/scim/).
+
+## Documentation
+
+<ApiIntro/>
+
+| Deployment | Documentation URL                                                   |
+|:------------|:---------------------------------------------------------------------|
+| AU         | https://api.au.sumologic.com/docs/#tag/scimUserManagement  |
+| CA         | https://api.ca.sumologic.com/docs/#tag/scimUserManagement  |
+| DE         | https://api.de.sumologic.com/docs/#tag/scimUserManagement  |
+| EU         | https://api.eu.sumologic.com/docs/#tag/scimUserManagement  |
+| FED        | https://api.fed.sumologic.com/docs/#tag/scimUserManagement |
+| IN         | https://api.in.sumologic.com/docs/#tag/scimUserManagement  |
+| JP         | https://api.jp.sumologic.com/docs/#tag/scimUserManagement  |
+| KR         | https://api.kr.sumologic.com/docs/#tag/scimUserManagement  |
+| US1        | https://api.sumologic.com/docs/#tag/scimUserManagement     |
+| US2        | https://api.us2.sumologic.com/docs/#tag/scimUserManagement |
+
+## Required role capabilities
+
+<ApiRoles/>
+
+* Security
+    * Manage SAML
+* User Management (all role capabilities)
+

docs/manage/security/saml/set-up-saml.md

@@ -36,15 +36,15 @@ The provisioning process works as follows:
 
 This section has key information about SAML in Sumo.
 
-## Access keys are not controlled by SAML
+### Access keys are not controlled by SAML
 
 This means that if a user has been turned off on the SSO side, their access keys would still be valid. For this reason, administrators should audit users regularly and disable access keys when necessary.
 
-## SAML does not provide a deprovisioning mechanism 
+### SAML does not provide a deprovisioning mechanism 
 
 This means that if a user is deleted or disabled in the SSO database, it will not be reflected in Sumo Logic. However, these users would no longer be able to login to Sumo Logic via SSO. Administrators can delete these users from the **Administration > Users and Roles > Users** page in Sumo Logic. For information about what happens when a user is deleted, and transferring a deleted user's content to another user, see [Delete a User](../../users-roles/users/delete-user.md).
 
-## Only one certificate for each SAML configuration is currently supported
+### Only one certificate for each SAML configuration is currently supported
 
 Only one token-signing ADFS X.509 for each SAML configuration is currently supported. When you need to do a certificate refresh on the ADFS server, you must update the Sumo certificate afterwards.
 

docs/manage/security/scim/about-scim-provisioning.md

@@ -0,0 +1,69 @@
+---
+id: about-scim-provisioning 
+title: About SCIM Provisioning
+sidebar_label: About
+description: Learn about provisioning users into Sumo Logic using SCIM. 
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+You can utilize Sumo Logic [SCIM User Management APIs](/docs/api/scim-user/) to automatically provision and deprovision users in Sumo Logic when users are created or removed within your identity provider. Sumo Logic can be integrated with any identity provider that is [SCIM 2](https://scim.cloud/) compliant.
+
+## Directions for specific providers
+
+This article contains general guidance on setting up identity providers to provision with Sumo Logic.
+
+See the following articles for directions to configure specific providers:
+* [Provision with Microsoft Entra ID](/docs/manage/security/scim/provision-with-microsoft-entra-id/)
+* [Provision with Okta](/docs/manage/security/scim/provision-with-okta/)
+* [Provision with OneLogin](/docs/manage/security/scim/provision-with-onelogin/)
+
+## General process to configure provisioning for Sumo Logic
+
+Although the process will differ depending on your provider, following are the general steps to configure your provider to provision with Sumo Logic. 
+
+### Prerequisites
+
+#### Create an access key
+
+Before configuring a provider, create an [access key](/docs/manage/security/access-keys/). (We recommend using a service account to create the access key.) This access key will provide authorization to provision users from the provider into Sumo Logic.
+
+When you create the access key, copy its access ID and access key values. You will enter these when you set up provisioning to use one of the following authorization methods:
+* Basic authentication
+   * Username: Access ID
+   * Password: Access key
+* Bearer token<br/>Use [Base64 encoding](https://www.base64encode.org/) to Base64 encode `<access ID>:<access key>`.
+
+#### Set up SAML
+
+[Set up SAML for single sign-on](/docs/manage/security/saml/set-up-saml/) in the Sumo Logic instance where you will provision users. This will allow connection to Sumo Logic for provisioning. Copy the single sign-on URL (Assertion Consumer URL) and entity ID from your Sumo Logic SAML configuration to set up single sign-on in your provider.
+
+<img src={useBaseUrl('img/security/provision-sumo-logic-saml-settings.png')} alt="ACS and entity ID from Sumo Logic" style={{border: '1px solid gray'}} width="800" />
+
+### Step 1: Create an app
+
+Create an application in your provider. You will configure this app in the following steps.
+
+### Step 2: Set up single sign-on
+
+Set up single sign-on for the app to connect to Sumo Logic. Copy the Assertion Consumer URL and entity ID from the SAML configuration in Sumo Logic to use in the configuration. (See [Set up SAML](#set-up-saml) above.)
+
+### Step 3: Set up roles
+
+Set up roles in your app to match roles in Sumo Logic (for example, Administrator and Analyst). When users assigned these roles in your app are provisioned, the roles are automatically assigned to the provisioned users in Sumo Logic.
+
+### Step 4: Assign users to your app
+
+Assign users to your app. All users assigned to the app will be provisioned.
+
+### Step 5: Set up provisioning
+
+When you set up provisioning for the app, provide a Sumo Logic access key to authorize access to Sumo Logic. (See [Create an access key](#create-an-access-key) above.) 
+
+For the SCIM base URL, provide the Sumo Logic [API endpoint for your deployment](/docs/api/getting-started/#sumo-logic-endpoints-by-deployment-and-firewall-security) for the [SCIM User Management APIs](/docs/api/scim-user/) using the format `<api-endpoint>/v1/scim/`. For example, `https://api.sumologic.com/api/v1/scim/`. 
+
+### Step 6: Verify provisioning
+
+Test provisioning to ensure that users assigned to the app are provisioned correctly into Sumo Logic. Verify in your provider's logs and in the Sumo Logic UI. 
+
+

docs/manage/security/scim/index.md

@@ -0,0 +1,38 @@
+---
+slug: /manage/security/scim
+title: SCIM Provisioning
+description: Learn how to provision users in Sumo Logic using SCIM. 
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+Learn how to provision and deprovision users in Sumo Logic using SCIM (System for Cross-domain Identity Management).
+
+This section contains the following articles:
+
+<div className="box-wrapper" >
+<div className="box smallbox card">
+  <div className="container">
+  <a href="/docs/manage/security/scim/about-scim-provisioning"><img src={useBaseUrl('img/icons/general/session.png')} alt="icon" width="40"/><h4>About SCIM Provisioning</h4></a>
+  <p>Learn about provisioning users in Sumo Logic using SCIM.</p>
+  </div>
+</div>
+<div className="box smallbox card">
+  <div className="container">
+  <a href="/docs/manage/security/scim/provision-with-microsoft-entra-id"><img src={useBaseUrl('img/icons/general/session.png')} alt="icon" width="40"/><h4>Provision with Microsoft Entra ID</h4></a>
+  <p>Learn how to provision users in Sumo Logic with Microsoft Entra ID (formerly Azure Active Directory).</p>
+  </div>
+</div>
+<div className="box smallbox card">
+  <div className="container">
+  <a href="/docs/manage/security/scim/provision-with-okta"><img src={useBaseUrl('img/icons/general/session.png')} alt="icon" width="40"/><h4>Provision with Okta</h4></a>
+  <p>Learn how to provision users in Sumo Logic with Okta</p>
+  </div>
+</div>
+<div className="box smallbox card">
+  <div className="container">
+  <a href="/docs/manage/security/scim/provision-with-onelogin"><img src={useBaseUrl('img/icons/general/session.png')} alt="icon" width="40"/><h4>Provision with OneLogin</h4></a>
+  <p>Learn how to provision users in Sumo Logic with OneLogin</p>
+  </div>
+</div>
+</div>