Introducing User Management in Postman with SCIM
To add and manage users in Postman as a team admin for a large organization, you can either send invites to the members of your organization requesting them to join your Postman team or set up SSO self-provisioning, available on our Business and Enterprise plans (see all Postman plans). However, even with SSO self-provisioning, each new team member is required to authenticate into the Postman team via SSO to create a Postman account and join the team. This can be time-consuming and tedious to manage—plus, there can be uncertainty around if and when a user will take the necessary steps to join your organization’s Postman team.
For user deprovisioning, as a team admin, you need to explicitly remove the user from your Postman team to revoke all team accesses granted to the user and to release the team license consumed by the user. Again, in addition to being monotonous, this manual process is error-prone and may result in security or data compliance issues for the organization.
SCIM (System for Cross-domain Identity Management), is an open standard designed to manage and synchronize user identity information across various applications an organization uses. Within Postman, SCIM automates the following:
Provisioning: Creates a new user on your Postman team, if one does not already exist, and activates the user to authenticate into your Postman team.
Deprovisioning: Removes a user from your Postman team and deactivates their account, blocking the account from authenticating into Postman.
With this feature, you can efficiently deploy Postman at scale across your organization and manage your team users via an identity provider (IdP) or directly via the Postman SCIM API.
While SSO enables users to add themselves to a team with self-provisioning, SCIM enables the automatic addition of users into a team, and it helps centrally control and maintain user information along with the user account state (activated or deactivated). In addition, SCIM helps enterprise customers adhere to their security and compliance policies while enabling them to use their Postman licenses wisely.
Furthermore, with SCIM support for Postman, your organization can quickly and automatically provision user access to Postman along with the other internal applications your organization uses. When a new employee joins the organization and the IT admin sets up their user account information, provisioning can be configured to add the employee to the organization’s Postman team automatically or with just a few clicks from the identity provider your organization uses (see Okta integration).
How to get started
The SCIM support for Postman is available on the Enterprise plan. To use SCIM in Postman, head over to the Authentication settings page. As a team admin, you can enable SCIM and generate a SCIM API key to set up the SCIM integration with your identity provider or use the Postman SCIM API directly.
Learn more about the SCIM integration for Postman here.