You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: src/content/partials/cloudflare-one/access/enable-scim-on-dashboard.mdx
+6-3Lines changed: 6 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -13,11 +13,14 @@ import { Markdown } from "~/components"
13
13
14
14
3. Turn on **Enable SCIM**{props.and}**{props.supportgroups}**.
15
15
16
-
4. (Optional) Turn on the following settings:
16
+
4. (Optional) Configure the following settings:
17
17
18
-
***Enable user deprovisioning**: [Revoke a user's active session](/cloudflare-one/identity/users/session-management/#per-user) when they are removed from the SCIM application in {props.idp}. This will invalidate all active Access sessions and prompt for reauthentication for any Gateway WARP session policies.
18
+
***Enable user deprovisioning**: [Revoke a user's active session](/cloudflare-one/identity/users/session-management/#per-user) when they are removed from the SCIM application in {props.idp}. This will invalidate all active Access sessions and prompt for reauthentication for any [WARP session policies](/cloudflare-one/connections/connect-devices/warp/configure-warp/warp-sessions/).
19
19
***Remove user seat on deprovision**: [Remove a user's seat](/cloudflare-one/identity/users/seat-management/) from your Zero Trust account when they are removed from the SCIM application in {props.idp}.
20
-
***Enable group membership change reauthentication**: [Revoke a user's active session](/cloudflare-one/identity/users/session-management/#per-user) when their group membership changes in {props.idp}. This will invalidate all active Access sessions and prompt for reauthentication for any Gateway WARP session policies. Access will read the user's updated group membership when they reauthenticate.
20
+
***SCIM identity update behavior**: Choose what happens in Zero Trust when the user's identity updates in {props.idp}.
21
+
-_Automatic identity updates_: Automatically update the user's identity when {props.idp} sends an updated identity or group membership through SCIM.
22
+
-_Group membership change reauthentication_: [Revoke a user's active session](/cloudflare-one/identity/users/session-management/#per-user) when their group membership changes in {props.idp}. This will invalidate all active Access sessions and prompt for reauthentication for any [WARP session policies](/cloudflare-one/connections/connect-devices/warp/configure-warp/warp-sessions/). Access will read the user's updated group membership when they reauthenticate.
23
+
-_No action_: Update the user's identity the next time they reauthenticate to Access or WARP.
0 commit comments