SCIM (System for Cross-domain Identity Management) is an open standard protocol that enables automated user lifecycle management between the Identity Provider your organization and Teradata. It is the protocol that keeps user accounts and group memberships in sync between your IdP and Teradata. When you configure SCIM, adding a user to the right group in your IdP automatically creates their Teradata account with the correct role already applied. Removing them from the group revokes their access immediately.
SCIM handles user lifecycle management. Your IdP handles authentication. A user must be provisioned in Teradata through SCIM before they can successfully authenticate through SSO.
What SCIM Does
- Autmatically grants new users Teradata access the moment you assign them in your IdP.
- Revokes access immediately when you remove or deactivate a user in your IdP.
- Propagates changes to user attributes (name, email, role) automatically.
- Maps IdP groups to Teradata roles for scalable access control.
Supported Identity Providers
- Okta
- Microsoft Azure Active Directory or Entra ID
- Any IdP that supports the SCIM 2.0 standard
Prerequisites
- Organization Admin role to access VantageCloud Enterprise Console.
- Application administrator access to create SCIM integrations in your IdP.
- Your IdP must be able to reach the Teradata SCIM endpoint over HTTPS (port 443).
- Create a dedicated database account before setup begins.