To enable SCIM, you must first set up SAML SSO with Entra ID (AAD). Read this article to find out how.
For an overview of how Whimsical supports SCIM, check out this article.
First, go to Workspace settings, which you'll find under your workspace name in the top left corner:
Enable SCIM provisioning and click "Reveal" to retrieve an OAuth token:
In the "Provisioning" tab in Entra ID (AAD), set "Provisioning Mode" to "Automatic", and paste the following URL into "Tenant URL":
Then, paste your OAuth token under "Secret Token", click "Test Connection", and Save:
There are two cases to consider when provisioning a user.
When creating a new user, if editor is undefined
or you do not provide a value, the user will have the default role set in your Whimsical workspace settings.
To set the role explicitly when provisioning:
true
- provisions the user as an editorfalse
- provisions the user as a viewerWhen updating an existing user, if editor is undefined
or you do not provide a value, there will be no change to the user's role in Whimsical.
To set the role explicitly when updating:
true
- provisions the user as an editorfalse
- provisions the user as a viewerTip: If you're managing user roles with groups, we strongly recommend always having a true
and a false
group. Setting undefined
may lead to undesired outcomes.
If you provision with SCIM but prefer managing user roles within your Whimsical workspace, do not specify a value for editor — then any roles defined in Whimsical will be maintained.