You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: src/content/docs/fundamentals/setup/account/account-security/scim-setup.mdx
+15-14Lines changed: 15 additions & 14 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -30,15 +30,15 @@ Accounts provisioned with SCIM need to verify their email addresses.
30
30
:::
31
31
32
32
---
33
-
## Gather required data
33
+
## Gather the required data
34
34
35
35
To start, you will need to collect a couple of pieces of data from Cloudflare and set these aside for later use.
36
36
37
37
### Get your Account ID
38
38
39
-
1. Navigate to the Account you want to configure for SCIM
40
39
41
-
2. In your browser's navigation bar, copy the Account ID from the URL. The URL should be in the format `https://dash.cloudflare.com/<accountID>`
40
+
1. In the [Cloudflare dashboard](https://dash.cloudflare.com/), go to the Cloudflare account that you want to configure for SCIM provisioning.
41
+
2. Copy your account ID from the account home page.
42
42
43
43
### Create an API token
44
44
@@ -92,28 +92,29 @@ To start, you will need to collect a couple of pieces of data from Cloudflare an
92
92
1. In **Provisioning to App**, select **Edit**.
93
93
2. Enable **Create Users** and **Deactivate Users**. Select **Save**.
94
94
3. In the integration page, go to **Assignments** > **Assign** > **Assign to Groups**.
95
-
4. Choose group(s) that you want to provision to Cloudflare.
95
+
4. Choose the group(s) that you want to provision to Cloudflare.
96
96
5. Select **Done**.
97
97
98
98
This will provision all of the users in the group(s) affected to your Cloudflare account with "minimal account access."
99
99
100
100
### Configure user permissions
101
101
102
-
There are two options for managing user permissions
103
-
* Manage your user permissions on a per-user basis in the Dashboard, API, or using Terraform.
102
+
There are two options for managing user permissions:
103
+
104
+
* Manage your user permissions on a per-user basis in the Cloudflare dashboard, API, or using Terraform.
104
105
* Map your IdP groups to a Cloudflare built-in [Role](/fundamentals/setup/manage-members/roles/). Groups may only be linked to one role.
105
106
106
107
1. Go to your SCIM application in the App Integration Catalog, then select **Provisioning**.
107
108
2. Under **To App*, select **Edit**.
108
109
3. Enable **Create Users** and **Deactivate Users**. Select **Save**.
109
-
4. Go to **Push Groups**
110
-
5.Click**+ Push Groups**, then **Find groups by name**
111
-
6.Type in the name of the group(s) you want to sync to Cloudflare.
112
-
7. Choose Link Group
113
-
8. Cloudflare provisioned user groups named in the pattern `CF-<accountID> - <Role Name>`. Choose the appropriate group that maps to your target role.
114
-
6. Disable **Rename groups**. Select **Save**.
115
-
7. Within the **Push Groups** tab, select **Push Groups**.
116
-
8. Add the groups you created.
110
+
4. Go to **Push Groups**.
111
+
5.Select**+ Push Groups**, then **Find groups by name**.
112
+
6.Enter the name of the group(s) that you want to sync to Cloudflare.
113
+
7. Choose **Link Group**.
114
+
8. Cloudflare provisioned user groups are named in the pattern `CF-<accountID> - <Role Name>`. Choose the appropriate group that maps to your target role.
115
+
9. Disable **Rename groups**. Select **Save**.
116
+
10. Within the **Push Groups** tab, select **Push Groups**.
117
+
11. Add the groups you created.
117
118
9. Select **Save**.
118
119
119
120
Adding any users to these groups will grant them the role. Removing the users from the identity provider will remove them from the associated role.
0 commit comments