About SCIM Group Mapping

The SCIM Group Mapping functionality allows you to set permissions (roles) for a particular group of users on an organization and stack(s) in Contentstack. When you add a user to a group via an IdP (Identity Provider) such as OneLogin, the permissions you have defined for the group will be applicable to that user.

Note: Only the Organization owner and Organization admin(s) have the right to use SCIM group mapping functionality.

You can set this permission by navigating to the SCIM 2.0 tab on your Organization Settings page. Then, from the groups you’ve created via IdP, select the group for which you want to define permissions and set permissions accordingly.

If you specify a group, let’s say “Content Manager group,” to have the Content Manager role for every stack existing within an organization, then all the users belonging to this group will have the Content Manager role for these stacks.

Note: It is recommended to disable SSO role-mapping when SCIM is enabled, because SCIM groups perform the role assignments in advance.