⌘K
Back to all articles
Security

SCIM provisioning

Automatically provision and deprovision members via SCIM 2.0 (enterprise).

Updated May 27, 2026

SCIM 2.0 keeps Queringo membership in sync with your identity provider. When you add or remove someone in your directory, they are added or removed in Queringo automatically. It is an enterprise capability.

Team and permissions, where the AD Sync (SCIM) tab lives

How it works

Queringo exposes standard SCIM 2.0 user and group endpoints. Your identity provider authenticates with a token you mint in Queringo and pushes user create, update, activate, deactivate, and delete operations.

Setting it up

In AD Sync settings, mint a SCIM token and copy it with the base URL into your identity provider's provisioning configuration. Revoke a token to cut off provisioning access immediately.

Deactivating a user in your directory deactivates them in Queringo. Make sure your directory is the intended source of truth before enabling SCIM.

What's next

See how sensitive data is protected in PII detection & masking.