Skip to content
Support
  • There are no suggestions because the search field is empty.

Company Settings

Allows administrators to manage organization-level configurations. These include company information, identity provider integration (SCIM), and Single Sign-On (SSO).

1. Information Tab

Displays your organization’s core identity in Vince Platform.

Fields:

  • Company Name – The display name of your organization (e.g. Companyname)
  • Tenant ID – A unique system-generated ID for your tenant

Tip: Useful for support tickets and integration setup.

2. SCIM Tab

Configuring SCIM Provisioning in Vince Platform. The Vince Platform supports the SCIM 2.0 (System for Cross-domain Identity Management) protocol for automated user provisioning and deprovisioning. This allows you to synchronise users from your Identity Provider (IdP) — such as Microsoft Entra ID (Azure AD) or Okta — directly into Vince Platform.

When SCIM is configured, user lifecycle events (create, update, deactivate, delete) in your IdP are automatically reflected in Vince Platform, eliminating the need for manual user management.

IMPORTANT: Vince Platform currently does not support provisioning Groups. If group provisioning is enabled, the provsioning might fail

Prerequisites

  • Administrator access to Vince Platform
  • Administrator access to your Identity Provider (IdP)
  • SSO/SAML already configured between your IdP and Vince Platform (recommended)

Step 1: Generate a SCIM Token in Vince Platform

  1. Log in to Vince Platform as an administrator.
  2. Navigate to Administration > Company Settings > SCIM.
  3. Select your Identity Provider (Microsoft or Okta).
  4. Click Generate Token / Regenerate Token
  5. A new SCIM bearer token will be generated and displayed. Copy this token immediately — it will not be shown again.
  6. The SCIM Base URL (Tenant URL) will also be displayed on this page. Copy this URL as well.

Important: Store the token securely. If you lose it, you will need to generate a new one.

Step 2: Configure Your Identity Provider

Use the SCIM Base URL and Bearer Token obtained in Step 1 to configure SCIM provisioning in your IdP.

Microsoft Entra ID (Azure AD)

  1. In the Azure Portal, go to Enterprise Applications > select your Vince Platform application.
  2. Navigate to Provisioning > Get Started.
  3. Set Provisioning Mode to Automatic.
  4. Under Admin Credentials:
    • Tenant URL: Paste the SCIM Base URL from Vince Platform.
    • Secret Token: Paste the bearer token from Vince Platform.
  5. Click Test Connection to verify connectivity.
  6. Under Mappings, configure the attribute mappings (see Supported Attributes below).
  7. Set Provisioning Status to On.
  8. Click Save.

Okta

  1. In the Okta Admin Console, go to Applications > select your Vince Platform application.
  2. Navigate to the Provisioning tab > Configure API Integration.
  3. Check Enable API Integration.
  4. Enter:
    • SCIM connector base URL: Paste the SCIM Base URL from Vince Platform.
    • API Token: Paste the bearer token from Vince Platform.
  5. Click Test API Credentials to verify.
  6. Click Save.
  7. Under Provisioning > To App, enable the desired provisioning features (Create Users, Update User Attributes, Deactivate Users).

OneLogin

  1. In the OneLogin Admin Portal, go to Applications > select your Vince Platform application.
  2. Navigate to Configuration.
  3. Enter:
    • SCIM Base URL: Paste the SCIM Base URL from Vince Platform.
    • SCIM Bearer Token: Paste the bearer token from Vince Platform.
  4. Click Enable provisioning.
  5. Under Provisioning, configure the desired actions (Create, Update, Delete).

Supported SCIM Operations

Operation HTTP Method Endpoint Description
List Users GET /Users Retrieve all provisioned users
Get User GET /Users/{userId} Retrieve a specific user by ID
Create User POST /Users Provision a new user
Update User PATCH /Users/{userId} Partially update a user (e.g. deactivate)
Replace User PUT /Users/{userId} Fully replace a user's attributes
Delete User DELETE /Users/{userId} Remove a user

Supported User Attributes

The following SCIM user attributes are mapped to Vince Platform user fields:

SCIM Attribute Vince Platform Field Required Description
userName Email Yes The user's email address (used as primary identifier)
name.givenName First Name No The user's first name
name.familyName Last Name No The user's last name
emails[0].value Email No Primary email (falls back to userName)
active Active Status No Whether the user is active (true/false)

Example SCIM User Payload

{
  "schemas": ["urn:ietf:params:scim:schemas:core:2.0:User"],
  "userName": "jane.doe@example.com",
  "name": {
    "givenName": "Jane",
    "familyName": "Doe"
  },
  "emails": [
    {
      "value": "jane.doe@example.com",
      "primary": true,
      "type": "work"
    }
  ],
  "active": true
}

Authentication

All requests to the SCIM API must include the bearer token in the Authorization header:

Authorization: Bearer <your-scim-token>

Requests without a valid token will receive a 401 Unauthorized response.

Important Notes

  • No invite emails: Users provisioned via SCIM will not receive invitation emails. They are expected to authenticate via your IdP (SSO).
  • Default role: Newly provisioned users are assigned the TenantUser role by default.
  • Email as identifier: The userName field must be a valid email address and is used as the unique identifier for the user within Vince Platform.
  • Case-insensitive emails: Email addresses are normalised to lowercase.
  • Deactivation: Setting active to false via SCIM will deactivate the user in Vince Platform. They will no longer be able to log in.
  • Deletion: Deleting a user via SCIM will permanently remove the user from Vince Platform.

Filtering (List Users)

The List Users endpoint supports basic SCIM filtering via the filter query parameter. For example:

GET /Users?filter=userName eq "jane.doe@example.com"

This is commonly used by IdPs to check whether a user already exists before creating them.

Troubleshooting

Issue Possible Cause Resolution
401 Unauthorized Invalid or expired token Generate a new SCIM token in Vince Platform
404 Not Found User does not exist Verify the user ID is correct
400 Bad Request Invalid SCIM payload Check the request body conforms to SCIM 2.0 schema
Users not syncing Provisioning not enabled in IdP Ensure provisioning status is set to "On" in your IdP
Duplicate user errors User already exists with that email Check if the user was previously created manually

Support

If you encounter issues configuring SCIM provisioning, contact Vince Platform support with:

  • Your tenant ID
  • The Identity Provider you are using
  • Any error messages received during provisioning

3. Single Sign-On (SSO) Tab

Configure and manage identity providers for user login.

Features:

  • Enforce SSO: Toggle on/off to require SSO for all users
  • Identity Provider List: View and manage connected IdPs
  • Actions: Add or delete an identity provider

4. Add Identity Provider

Steps:

  1. Navigate to Single Sign-On > Add Identity Provider
  2. Fill in the following fields:
    • Identity Provider Name
    • Issuer URL
    • Client ID
    • Client Secret
  3. Click Save

All fields are required. Get details from your IdP (e.g., Azure AD or Okta).

Best Practices

  • Regularly review SSO and SCIM settings
  • Document and securely store Tenant ID and secrets
  • Enable SSO enforcement after validation
  • Keep provider credentials up to date

Troubleshooting

  • User sync issues? – Check SCIM configuration and IdP logs
  • SSO login problems? – Verify issuer URL and client credentials
  • Need your Tenant ID? – Find it in the Information tab