| AccessGuard — IAM with JWT, MFA, RBAC & SSO (SAML/OIDC)…

AccessGuard — IAM with JWT, MFA, RBAC & SSO (SAML/OIDC) | Velaxe

AccessGuard

SCIM 2.0 — Integration

Standards-based provisioning for creating, updating, and deprovisioning users and groups from your IdP into AccessGuard.

View App All Integrations

Overview

Standards-based provisioning for creating, updating, and deprovisioning users and groups from your IdP into AccessGuard.

Capabilities

Create/Update/Deactivate users via SCIM 2.0
Group membership sync to roles via mapping rules
Support for enterprise schemas (name, emails, phoneNumbers)
Soft-delete with recoverable grace windows
High-volume, rate-limit aware ingestion queue

Setup Steps (5)

1

Step 1

In AccessGuard → Settings → Provisioning, enable **SCIM** and generate a bearer token.

Back to top
2

Step 2

Copy the SCIM base URL and token.

Back to top
3

Step 3

In your IdP (Okta/Azure AD/Auth0), configure a SCIM application and paste the endpoint/token.

Back to top
4

Step 4

Map IdP groups to AccessGuard roles; enable incremental provisioning.

Back to top
5

Step 5

Run a push of a test user and confirm creation and role assignment.

Back to top

Limitations

Some IdPs batch group updates; membership changes may arrive slightly delayed.
Large directories require staged imports to respect rate limits.
Custom attributes need schema extension mapping on both sides.

FAQs

Do you support deprovisioning?

Yes. Users are disabled and sessions revoked; deletion follows your retention policy.

How are conflicts handled?

We upsert by externalId or primary email; conflicts are logged with remediation tips.

Can we sync only specific groups?

Yes. Limit scope in your IdP assignment and mapping rules.

Pricing

Free

Free

Great for trying the integration.

Pro

USD 9.99 / monthly

Enterprise

USD 49.99 / monthly