SCIM user provisioning in Whimsical

Whimsical supports SCIM (System for Cross-domain Identity Management) for automated user provisioning on Business and Enterprise plans.

With SCIM provisioning, you can:

  • ✅ Automatically add users to your Whimsical workspace
  • ✅ Automatically remove users when they leave your organization
  • ✅ Update user roles (editor/viewer) based on identity provider settings
  • ✅ Import existing Whimsical members into your identity provider for centralized management

Supported SCIM providersCopied!Link to this section

Here's a list of the most popular SAML SSO (and SCIM) providers supported by Whimsical, along with detailed setup instructions available through the provided links:

SCIM basics for different providersCopied!Link to this section

While we have detailed documentation for the most commonly used identity providers (Okta, Entra ID, & JumpCloud), there are also some pieces of information that are true for all, and may help you in setting up user provisioning with your SCIM provider:

  • SCIM Version: 2.0
  • SCIM Base URL: https://api.whimsical.com/scim-v2/
  • Authorization method: Bearer token
  • Username: The user’s email address in Whimsical
  • Group provisioning is not supported.

User provisioningCopied!Link to this section

There are two cases to consider when provisioning a user.

Provisioning a new userCopied!Link to this section

When creating a new user, if editor is undefined or you do not provide a value, the user will have the default role set in your Whimsical workspace settings.

To set the role explicitly when provisioning:

  • true - provisions the user as an editor
  • false - provisions the user as a viewer

Updating an existing userCopied!Link to this section

When updating an existing user, if editor is undefined or you do not provide a value, there will be no change to the user's role in Whimsical.

To set the role explicitly when updating:

  • true - provisions the user as an editor
  • false - provisions the user as a viewer

Tip: If you're managing user roles with groups, we strongly recommend always having a true and a false group. Setting undefined may lead to undesired outcomes.

If you provision with SCIM but prefer managing user roles within your Whimsical workspace, do not specify a value for editor — then any roles defined in Whimsical will be maintained.


If you need any extra assistance getting up and running, contact our Customer Support team. We're always happy to help. 😁

SCIM provisioning FAQsCopied!Link to this section

Does SCIM require SAML to be enabled?Copied!Link to this section

Yes, SCIM provisioning is only available for workspaces that have SAML SSO configured.

What data does Whimsical sync through SCIM?Copied!Link to this section

Whimsical supports the following SCIM request types:

  • Create: Automatically adds users to your workspace.
  • Deactivate: Automatically removes users from your workspace.
  • Update: Updates user roles (editor/viewer) based on your SCIM configuration.
  • Import: Optionally pulls existing workspace members into your identity provider for better visibility and management.

Will SCIM remove users immediately if they’re deprovisioned in our IdP?Copied!Link to this section

Yes — when a user is deactivated in your identity provider, Whimsical will automatically remove them from your workspace.

What happens to shared content when a user is removed via SCIM?Copied!Link to this section

Any content the user created in shared folders or projects will remain accessible to collaborators, but the user will no longer appear in your workspace.

Can we sync user roles with SCIM?Copied!Link to this section

Yes — if your identity provider supports it, you can assign viewer/editor roles via SCIM attributes. Reach out to us if you'd like guidance on how to configure role mapping.

What if a user already has a Whimsical account?Copied!Link to this section

SCIM will link to the existing account based on email address. If the user was invited manually before SCIM was enabled, they’ll be automatically managed through SCIM going forward.