Get instant support with our search!
Customer Onboarding - User Provisioning Options
Options
Type | Supports SSO | Auto Provisioning | Dynamic Groups | Organisation Size |
1. SCIM (Azure or Okta) |
✔️ | ✔️ | ✔️* | 200+ |
2. Federated | ✔️ | ❌ | ❌ | less than 200** |
3. Email | ❌ | ❌ | ❌ |
less than 200** |
* Azure: P1,P2 or E5 Licence required. Okta: Lifecycle Management Licence required.
** Supports more but not recommended.
1. SCIM (AzureAD or Okta)
Why choose SCIM?
Pros
✅ Automation of the adding and removing of users.
✅ Automation of targeting of new users with content within your MyCompliance library.
✅ Allows for SSO for safer, more secure login for your users.
✅ Allows for enabling of MFA via your SSO Identity Provider.
✅ Allows for the provisioning of pre-existing groups within either AAD or Okta.
✅ Have the option of enabling the MyCompliance Teams App.
Cons
❌ Requires your organisation to have the relevant licensing within either AAD or Okta.
❌ Does not support the provisioning of nested groups.
🚩 SCIM Prerequisites
Azure AD
- An Azure AD tenant with Azure AD Premium 1 or Premium 2 (or EMS E3 or E5) licence.
- Completed Discovery document that will be sent by MetaCompliance Support.
- Have the relevant groups created within your Azure AD that you will provision to your MetaCompliance tenant. (These can be either Dynamic or Security Groups.)
- An Azure Global Admin who is available to set up the SCIM provisioning and SSO applications.
Okta
- An Okta tenant with a Lifecycle Management licence.
- Complete Discovery document that will be sent by MetaCompliance Support.
- Have the relevant groups created within your Okta environment that you will provision to your MetaCompliance tenant.
- A dedicated resource who can configure the provisioning app and enable SSO within Okta.
- Click here to view the AAD SCIM configuration instructions
- Click here to view the Okta SCIM Configuration instructions
2. Federated
Why choose Federated?
Pros
✅ Does not require your organisation to have a cloud AD solution within AAD or Okta.
✅ The option of enabling the Microsoft Teams App.
✅ The option of creating your own groups and subgroups.
❌ Manual process which will require manual updating when users are onboarded and offboarded within your organisation.
❌ Will require the manual creation of Groups and Sub-groups within your MyCompliance tenant.
🚩 Federated Prerequisites
- An Identity Provider that will facilitate SSO for your users.
- Dedicated personnel who can configure SSO via your Identity Provider.
- Completed spreadsheet of user information as per the MyCompliance Cloud site instructions.
- Dedicated personnel who will update user data as and when required via the MyCompliance Cloud site.
3. Email
Why choose Email?
Pros
✅ Does not require your organisation to have a cloud AD solution within AAD or Okta.
✅ The option of creating your own Groups and Subgroups.
❌ Manual process which will require manually updating when users are onboarded and offboarded within your organisation.
❌ Will require the manual creation of Groups and Subgroups within your MyCompliance tenant.
❌ Your users cannot use SSO to log in to their MyCompliance account. A separate password will have to be created upon registration.
🚩 Email Prerequisites
- Completed spreadsheet of user information as per the MyCompliance Cloud site instructions.
- Dedicated personnel who will update user data as and when required via the MyCompliance Cloud site.
- Trigger 'registration email' to all users so that they can set up a password for their MyCompliance account.