Add release note

Author: jpipkin1

blog-service/2025-04-15-manage.md

@@ -0,0 +1,18 @@
+---
+title: SCIM Provisioning (Manage)
+image: https://help.sumologic.com/img/sumo-square.png
+keywords:
+  - manage
+  - saml
+hide_table_of_contents: true    
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+<a href="https://help.sumologic.com/release-notes-service/rss.xml"><img src={useBaseUrl('img/release-notes/rss-orange2.png')} alt="icon" width="50"/></a>
+
+We're excited to announce provisioning for Sumo Logic using SCIM (Cross-domain Identity Management). Now you can automatically provision and deprovision users in Sumo Logic from a provider like Microsoft Entra ID, Okta, or OneLogin.
+
+Create an access key using a Sumo Logic service account to provide authentication for the provider to provision users into Sumo Logic.
+
+[Learn more](/docs/manage/security/scim/).

docs/manage/security/scim/about-scim-provisioning.md

@@ -7,11 +7,29 @@ description: Learn about provisioning users into Sumo Logic using SCIM.
 
 import useBaseUrl from '@docusaurus/useBaseUrl';
 
-This article describes the general process for provisioning users into Sumo Logic from SCIM provisioning providers. 
+You can provision and deprovision users in Sumo Logic using SCIM (System for Cross-domain Identity Management). SCIM provisioning in Sumo Logic uses [SCIM User Management APIs](/docs/api/scim-user/).
 
-SCIM provisioning in Sumo Logic uses the [SCIM User Management APIs](/docs/api/scim-user/).
+## Directions for provisioning providers
 
 See the following articles for directions to configure specific provisioning providers:
 * [Provision from Microsoft Entra ID](/docs/manage/security/scim/provision-from-microsoft-entra-id/)
 * [Provision from Okta](/docs/manage/security/scim/provision-from-okta/)
-* [Provision from OneLogin](/docs/manage/security/scim/provision-from-onelogin/)
+* [Provision from OneLogin](/docs/manage/security/scim/provision-from-onelogin/)
+
+## Prerequisites
+
+### Create an access key
+
+Before configuring a provisioning provider, you must create an [access key](/docs/manage/security/access-keys/) using a service account. This access key will provide authorization to provision users from the provider into Sumo Logic.
+
+When you create the access key, copy its access ID and access key values. Depending on the provider you configure, you will enter these when you set up provisioning to use one of the following authorization methods:
+* Basic authentication
+   * Username: Access ID
+   * Password: Access key
+* Bearer token<br/>Use [Base64 encoding](https://www.base64encode.org/) to Base64 encode `<access ID>:<access key>`.
+
+### Set up SAML
+
+Depending on the provider you configure, you may need to [set up SAML for single sign-on](/docs/manage/security/saml/set-up-saml/) in the Sumo Logic instance where you will provision users. This will allow connection to Sumo Logic for provisioning. You may need to copy the single sign-on URL (Assertion Consumer URL) and entity ID from your Sumo Logic [SAML configuration](/docs/manage/security/saml/set-up-saml/#review-saml-configuration) to set up provisioning.
+
+<img src={useBaseUrl('img/security/provision-sumo-logic-saml-settings.png')} alt="ACS and entity ID from Sumo Logic" style={{border: '1px solid gray'}} width="800" />

docs/manage/security/scim/index.md

@@ -6,7 +6,7 @@ description: Learn how to provision users into Sumo Logic using SCIM.
 
 import useBaseUrl from '@docusaurus/useBaseUrl';
 
-Learn how to provision users into Sumo Logic using System for Cross-domain Identity Management (SCIM).
+Learn how to provision and deprovision users in Sumo Logic using SCIM (System for Cross-domain Identity Management).
 
 This section contains the following articles:
 

docs/manage/security/scim/provision-from-microsoft-entra-id.md

@@ -73,19 +73,24 @@ When you [configure SAML in Sumo Logic](/docs/manage/security/saml/integrate-sum
       * roles[primary eq "True"].value
    1. Click **Save**.<br/><img src={useBaseUrl('img/security/provision-azure-attribute-mappings.png')} alt="Attribute mappings" style={{border: '1px solid gray'}} width="600" />
 1. Click the **Home > `<app name>` | Provisioning** link in the top left corner of the screen. This returns you to the **Provisioning** tab.
-1. For **Provisioning Status** select **On** to enable provisioning.
-1. Click **Save**.<br/><img src={useBaseUrl('img/security/provision-azure-provisioning-status.png')} alt="Provisioning status" style={{border: '1px solid gray'}} width="600" />
 
 ### Step 5: Test provisioning
 
-1. In the app, select **Overview**.
+1. In the app, select **Manage > Provisioning**.
+1. For **Provisioning Status** select **On** to enable provisioning.
+1. Click **Save**.<br/><img src={useBaseUrl('img/security/provision-azure-provisioning-status.png')} alt="Provisioning status" style={{border: '1px solid gray'}} width="600" />
+1. Select **Overview**.
 1. Select **Provision on demand**.<br/><img src={useBaseUrl('img/security/provision-azure-provision-on-demand.png')} alt="Provision on demand" style={{border: '1px solid gray'}} width="600" />
 1. Users assigned the app will be provisioned into Sumo Logic. 
 
 As long as the app's provisioning status is on, the app runs auto provisioning every 40 minutes.
 
+:::note
+By default, users will be assigned the `User` role in Sumo Logic. (The `User` role must already be set up in Sumo Logic to allow users to be provisioned with that role.)
+:::
+
 ## Syncing between Microsoft Entra ID and Sumo Logic
 
-When you modify the name, email, or role of a user assigned the app in Microsoft Entra ID, the changes will be synced to the corresponding user in Sumo Logic.
+When you modify the name or email of a user assigned the app in Microsoft Entra ID, the changes will be synced to the corresponding user in Sumo Logic.
 
 If you unassign a user from the app in Microsoft Entra ID, the corresponding user is deactivated in Sumo Logic. (If you later try to reassign that same user to the app, it will result in an error in Sumo Logic. You must delete the old user from Sumo Logic first so that the user can be provisioned once again from Microsoft Entra ID.)

docs/manage/security/scim/provision-from-okta.md

@@ -11,12 +11,6 @@ This article describes how to provision users into Sumo Logic from Okta.
 
 ## Prerequisites
 
-### Set up SAML
-
-If it is not already set up, [set up SAML for single sign-on with Okta](/docs/manage/security/saml/integrate-sumo-logic-with-okta/) in the Sumo Logic instance where you will provision users. This will allow connection to Sumo Logic for provisioning. Copy the single sign-on URL (Assertion Consumer URL) and entity ID from your Sumo Logic [SAML configuration](/docs/manage/security/saml/set-up-saml/#review-saml-configuration). You will use them when you set up provisioning.
-
-<img src={useBaseUrl('img/security/provision-sumo-logic-saml-settings.png')} alt="ACS and entity ID from Sumo Logic" style={{border: '1px solid gray'}} width="800" />
-
 ### Create an access key
 
 Create an [access key](/docs/manage/security/access-keys/) using a service account. This access key will provide authorization to provision users from Okta into Sumo Logic.
@@ -27,6 +21,12 @@ When you create the access key, copy its access ID and access key values. You wi
    * Password: Access key
 * Bearer token<br/>Use [Base64 encoding](https://www.base64encode.org/) to Base64 encode `<access ID>:<access key>`.
 
+### Set up SAML
+
+If it is not already set up, [set up SAML for single sign-on with Okta](/docs/manage/security/saml/integrate-sumo-logic-with-okta/) in the Sumo Logic instance where you will provision users. This will allow connection to Sumo Logic for provisioning. Copy the single sign-on URL (Assertion Consumer URL) and entity ID from your Sumo Logic [SAML configuration](/docs/manage/security/saml/set-up-saml/#review-saml-configuration). You will use them when you set up provisioning.
+
+<img src={useBaseUrl('img/security/provision-sumo-logic-saml-settings.png')} alt="ACS and entity ID from Sumo Logic" style={{border: '1px solid gray'}} width="800" />
+
 ## Configure provisioning from Okta
 
 ### Step 1: Create the app