Skip to Content
Getting StartedSSO & SCIM

SSO & SCIM

SecureHive supports enterprise single sign-on via SAML 2.0 and OIDC, with SCIM 2.0 for automated user provisioning and deprovisioning.

For detailed step-by-step instructions on Microsoft Entra ID configuration (OIDC, SAML, SCIM attribute mappings, and troubleshooting), see the Identity Provider Authentication guide.

SSO Configuration

Azure AD Setup

  1. In the Azure portal, go to Enterprise Applications → New Application → Create your own application
  2. Name it “SecureHive” and select Integrate any other application
  3. Under Single sign-on, choose SAML and configure:
    • Entity ID: https://app.securehive.ai/auth/saml/metadata
    • Reply URL: https://app.securehive.ai/auth/saml/callback
    • Sign-on URL: https://app.securehive.ai
  4. Download the Federation Metadata XML and upload it in SecureHive under Settings → Identity & Access → SSO

SCIM Provisioning

SCIM provisioning is available on the Enterprise plan. Contact your account representative to enable it.

SCIM automatically syncs users and groups from your identity provider to SecureHive. When an employee is added or removed in your IdP, their SecureHive access updates within minutes.

Setup

  1. Navigate to Settings → Identity & Access → SCIM
  2. Click Generate SCIM Token — save this token securely
  3. Copy the SCIM Endpoint URL shown
  4. In your identity provider, configure SCIM provisioning with the endpoint and token

Supported Operations

  • Create users — New IdP users are automatically provisioned
  • Update users — Profile changes (name, email, department) sync automatically
  • Deactivate users — Removed IdP users are immediately deactivated
  • Group sync — IdP groups map to SecureHive roles and teams
Last updated on
ConfigurationRoles & permissions