How to integrate a generic SCIM client with FortiAuthenticator SCIM server
The following describes how to integrate a generic SCIM client with the FortiAuthenticator SCIM server:
- Log in to FortiAuthenticator.
- Get an API key.
Alternatively, use OAuth 2.0.
- Copy the API key and paste it in the appropriate field on the SCIM SP, i.e., the SCIM client.
- Log in to the SCIM SP administrator account.
Note that every SCIM SP has a different way of accessing application integrations.
- Create a custom application for FortiAuthenticator in the SCIM SP.
- Each SCIM SP has different questions for the application. However, all SCIM SPs require a Tenant URL and a FortiAuthenticator API key (Secret Token):
- Tenant URL: The URL field when creating or editing a remote SCIM user sync rule.
- API key: The Secret Token when creating or editing a remote SCIM user sync rule. The secret token is used to authorize the SCIM integration between the client and the server.
Note: The secret token is associated with an administrator account. You must use an administrator account with appropriate role.
- The SCIM client indicates that FortiAuthenticator was created successfully.
- The SCIM client application gallery confirms the newly created application.
All the other settings to integrate with FortiAuthenticator should be set, including attribute mappings.
- The SCIM client is now visible in FortiAuthenticator.
- You can now configure attribute mappings on FortiAuthenticator.