Available on Basic and Business

Not available on Free

Admin Privileges Required

After following the Azure AD Premium instructions for setting up a SAML connection you will be able to set up SCIM provisioning for your application. Please note the SCIM provisioning limitations here.

1.Azure SCIM Setup for Stack Overflow for Teams

On Azure AD for the Stack Overflow Application in the left-hand menu click Provisioning then click Get started.

For Provisioning Mode select Automatic Option

Enter the following for Admin Credentials

Tenant URL: https://stackoverflow.com/c/{your_site}/auth/scim/v2

Secret Token: Generated Token on Stack Overflow see instructions below.

In Stack Overflow Business, enable SCIM and generate a SCIM authorization token for your application at /c/{your_site}/admin/access/scim. Please note that this token will only be visible when you generate it. If it is lost, you will need to generate a new one and reconfigure your Okta application.

Then click Test Connection green checkmark will appear in Tenant URL on successful connection.

Don't forget to Save.

2.Azure SCIM User Mapping

On Mappings, you can set the mapping for Groups and/or Users

To prevent error messages sent Target Object Actions to just Update.

Stack Overflow doesn't support Create or Delete actions via SCIM.

The following attributes should be configured.

  • userName the User ID (must match the Display Name Assertion provided in /admin/access/authentication)

  • active true/false. Determines whether or not the user should be deactivated or reactivated in Stack Overflow Business

  • Required fields for SCIM 2.0 (these are commonly mapped for you by your Identity Provider. Usually no action is needed on your part): name.givenName, name.familyName, emails

  • optional userType Requires Allow SCIM to manage user roles to be checked on the SCIM Integration settings page on Stack Overflow Business. Takes values of either Registered or Admin. If set to Admin, the user is promoted to an Admin. If set to any other value (such as Registered), the user is demoted from Admin.

Did this answer your question?