Young man with glasses smiling working on a MacBook outdoors, sitting in front of a modern wood and glass building at dusk.

February 24. 2023 - 5 min. reading time

Scim Me Up, Scotty

SCIM is the solution for smart identity management in cloud applications and services.

by Marvin Christ

Close-up of a young man with curly hair in front of a blue sky.

Bringing users into a system—even if it's not a starship from Star Trek—is a recurring but by no means repetitive task. Every new system in a system landscape requires appropriate access for users of the system and normally comes with its own user management. If it is a system such as MazeMap Workplace, which is usually used by all of a customer's employees, you want to avoid creating the corresponding users manually if possible. It is faster and more secure to add them to the system digitally.

Adding users via manual import: time-consuming and error-prone

If you want to create user data in a system, you can do this using a simple import. The source file for the import is usually created quickly, the transfer is carried out quickly and there is no need to create individual data records manually. Nevertheless, there are also drawbacks:

What happens to new employees who also need access?
What happens when a user leaves the company?
What happens if a user's rights change - for example, if they are granted additional access rights?

Each of these standard situations basically requires a new import. This makes the task very time-consuming and prone to errors. Both manual user maintenance and import quickly reach the limits of what can be reliably represented as a process—although MazeMap Workplace naturally supports both methods. But what alternatives are there?

The SCIM standard simplifies the management of users

The IETF (Internet Engineering Task Force, an organization for the technical development of the Internet) provides an answer to this question: The "System for Cross-Domain Identity Management" SCIM for short. This is an IETF standard that has been available in version 2.0 since 2015. The aim is to simplify identity management in cloud applications and services. The SCIM standard consists of a programming interface, a so-called API, which enables the following things in a standardized way:

Creating and deleting users
Maintenance of user master data
Authorizing users and assigning roles

MazeMap Workplace implements the essential aspects of this standard, making it easy to manage users (for example, from an AD) in MazeMap Workplace. The API provided by MazeMap Workplace for this purpose is here .

Simple integration and synchronization

Many identity platforms support SCIM, including Okta and Azure AD (Active Directory). Integration with the MazeMap Workplace API is therefore very easy. Azure AD, for example, provides a provisioning service that allows users and permissions in Azure AD to be synchronized with other systems that support SCIM. MazeMap Workplace meets all Azure AD requirements. Users and permissions are synchronized every 20 minutes by default via the Azure AD Provisioning Service. This standardized integration also enables the use of basic AD techniques. Examples include assigning specific applications to specific users (based on group assignments in AD), granting rights in the application based on group assignments or extended attributes, and many other scenarios.

Opt for a reliable and efficient solution

MazeMap Workplace thus offers customers a standardized solution that allows MazeMap Workplace to be easily integrated into the system landscape. Regardless of whether Captain Kirk beams down or up, MazeMap Workplace enables timely and reliable updating of user management via SCIM. Do you have any questions on this topic or are you interested in a demo of our Smart Real Estate Platform? Feel free to contact us!