SCIM
Enterprise plan subscribers with SAML SSO enabled can opt to enable SCIM for their workspace. SCIM, or System for Cross-domain Identity Management, is an open standard that allows for the automation of user provisioning.
Overview
If you have SAML SSO enabled with a supported identity provider, you can contact us to get SCIM enabled for your workspace.
Once SCIM is enabled, you will not be able to manage users from within Linear, they will be kept up to date through your identity provider.
Configure
Upgrade to the Enterprise plan
Contact us to upgrade to the Enterprise plan and enable SAML SSO.
Configuration
Once SAML is configured, you will see the option to enable SCIM in Settings > Security.
Enable and test
Toggle the option to enable SCIM, and click "View configuration" to get your SCIM base connector URL and Bearer Auth token. Keep these values safe as you will need them to configure SCIM in your Identity provider.
- In the Okta admin pages, open the Linear application you have for SAML 2.0
- In the General tab, click Edit and choose SCIM in the Provisioning section and Save
- In the Provisioning tab, enter the SCIM Base connector URL you generated from Linear
- For the Unique identifier field for users section enter email
- For Supported provisioning actions you can enable "Import New Users and Profile Updates", "Push New Users" and "Push Profile Updates." Push and Import for Groups are not supported at this time
- For Authentication mode field, choose HTTP Header and enter your Bearer token generated from Linear. You can now test the configuration and save