How to Set Up Automatic User Provisioning with SCIM

Last updated: February 13, 2026

Setting up SCIM (System for Cross-domain Identity Management) gives your IT team automatic, reliable account lifecycle management for Fireflies.

It's the perfect partner to SAML SSO. While SSO creates users "Just-In-Time" (JIT) when they first sign in, adding SCIM 2.0 lets you pre-create accounts and immediately deactivate users from Fireflies when they're removed from your Identity Provider (IdP).

🔍 What Does the Integration Do?

This setup connects your Identity Provider (like Okta or Entra ID) to Fireflies using the SCIM 2.0 standard. Once configured, it allows your IdP to:

  • Automatically provision (create) new user accounts in Fireflies.

  • Automatically update user profile details.

  • Automatically de-provision (deactivate) user accounts in Fireflies when they are removed from your IdP.

🔑 Prerequisites

Before you can enable SCIM provisioning, you must first have Single Sign-On (SSO) set up for your Fireflies account.

🔗 Get Your SCIM Credentials from Fireflies

To connect your IdP, you'll first need to get two pieces of information from your Fireflies account.

  • SCIM Connector Base URL: https://user-service-rest.fireflies.ai/scim/v2

  • SCIM Access Token

Step 1: Generate your token

Note: Only the Admin Account that set up SSO will be able to create SCIM Tokens.

  • Navigate to Team -> Settings -> Advanced Settings -> SCIM Access Token.

    Adobe Express - 0.gif

  • Click Generate to create your token. Copy this token immediately, as you won't be able to see it again.

Note: To revoke or rotate this token, generate a new token to automatically invalidate the previous one.

1.gif

Setting Up Your Configuration

Here are the specific instructions for connecting SCIM with Okta and Entra ID.

Configure in Okta

Step 1: Open your Fireflies app

  • From your Okta dashboard, open the Fireflies application you previously set up for SSO.

Step 2: Enable SCIM provisioning

  • Click the General tab.

  • In the App Settings section, click Edit and check the box for SCIM provisioning.

2.gif

Step 3: Configure provisioning integration

  • Click the Provisioning tab.

  • Under Settings, click Integration and then click Edit.

3.gif

Step 4: Enter SCIM Base URL

For SCIM connector base URL, enter: https://user-service-rest.fireflies.ai/scim/v2

4.gif

Step 5: Set unique identifier

  • For Unique identifier field for users, add email as the value.

5.gif

Step 6: Select provisioning actions

  • For Supported provisioning actions, select Push New Users and Push Profile Updates.

6.gif

Step 7: Set authentication mode

  • For Authentication Mode, select HTTP Header.

7.gif

Step 8: Add authorization token

  • For Authorization, enter your SCIM Access Token (the one you generated in Fireflies) as the bearer token.

8.gif

Step 9: Save and enable

  • Click Save.

  • After saving, go to the Settings > To App tab. Click Edit and enable Create Users, Update User Attributes, and Deactivate Users.

9.gif

Configure in Entra ID (formerly Azure AD)

Step 1: Open your Fireflies application

  • In your Entra ID portal, navigate to Enterprise applications and open your Fireflies application.

Step 2: Connect your application

  • Click on Provisioning and then click Connect your application (or Get started).

Step 3: Enter Tenant URL

  • For Tenant URL, enter: https://user-service-rest.fireflies.ai/scim/v2

Step 4: Enter Secret Token

  • For Secret token, enter your SCIM Access Token (the one you generated in Fireflies).

Step 5: Test and create

  • Click Test connection to ensure the credentials are correct, and then click Create (or Save).

Configure in OneLogin

Step 1: Open the SCIM Provisioner application

  • Log in to your OneLogin admin portal and open the SCIM Provisioner with SAML (SCIM v2 Core) application you previously created.

Step 2: Configure SCIM API connection

  • Go to the Configuration tab.

  • In SCIM Base URL, enter: https://user-service-rest.fireflies.ai/scim/v2

  • Under API Connection, ensure API Status is set to Enabled.

  • In SCIM Bearer Token, paste your SCIM Access Token generated in Fireflies.

Step 3: Enable provisioning workflow

  • Go to the Provisioning tab.

  • Check Enable provisioning.

  • Enable the following actions:

    Create user
    Update user
    Delete user

Step 4: Test and create

  • Save your configuration and test the provisioning connection to ensure it is working correctly.

🧩 Additional Options

Supported SCIM Features

For advanced configurations, Fireflies' SCIM 2.0 implementation currently supports the following features:

  • Provision a user to Fireflies (POST /scim/v2/Users)

  • Retrieve a user from Fireflies (GET /scim/v2/Users/<user_id>)

  • Update a user in Fireflies (PUT /scim/v2/Users/<user_id> or PATCH /scim/v2/Users/<user_id>)

  • List all users in Fireflies (GET /scim/v2/Users)

  • De-provision a user from Fireflies (DELETE /scim/v2/Users/<user_id>)

Disconnect Integration

To disable automatic provisioning, you can disconnect the SCIM integration from within your Identity Provider.

  • In Okta: Navigate to the Provisioning tab in your Fireflies app, click Edit under Integration, and uncheck Enable SCIM provisioning.

  • In Entra ID: Navigate to the Provisioning tab in your Fireflies app and stop the provisioning service.

🔄 Recap

Setting up SCIM with Fireflies provides automatic, reliable account lifecycle management. It allows you to pre-create accounts and immediately deactivate users when they leave, ensuring your Fireflies workspace is always in sync with your Identity Provider.

📌 Related Guides

📌How to Set Up SSO for Okta ->  Use Okta's SSO in Fireflies for a streamlined access.

📌Set Up SAML SSO for Azure AD -> Enable SAML SSO with Azure ADD to enhance security and simplify user access.

📌Set Up SAML SSO for Google Workspace -> Enable secure single sign-on with Google Workspace to centralize authentication and simplify user access.