Testing SCIM Configuration¶
After pushing groups to Alation from an IdP over SCIM, you can check the following:
Admin Settings > Catalog Admin > Groups: Alation should create the Groups pushed over SCIM as Custom Groups of the Defined in SCIM type. The name, type, and Group DN of such groups cannot be changed in Alation and will appear as read-only. The names of groups pushed from an IdP will include the name of the SCIM client and the timestamp of the push, for example: Analysts (scim-okta-2021-08-04 17:52:38.781738).
Users present in the IdP group will be listed under the SCIM Group name as group members.
Alation should create accounts for users who are members of the pushed groups and who did not exist in Alation before the push. Initially, users are created with the default role.
Users who already existed in Alation before SCIM was enabled, should be recognized and appear under the correct SCIM groups that corresponds to their group membership in the IdP.