CodeSignal admins can configure SCIM user provisioning using the Identity Provider (IdP) of their choice, including custom IdPs. This will allow you to create, update, and deactivate accounts. Unfortunately, SCIM groups are not supported at this time.
This article describes how to configure SCIM user provisioning for a custom or less commonly-used IdP. Please refer to one of the articles below if you are using Okta or OneLogin for your IdP:
Before you can provision external users into your account, you should have single sign-on (SSO) already configured for your CodeSignal account. Instructions for configuring SSO are here:
Step 1: Retrieve your Bearer Token from CodeSignal
- Log in to your company's CodeSignal account. You will need to be a CodeSignal admin to complete this step!
- Click MY COMPANY SETTINGS in the drop-down menu in the top right of your screen.
- In the SSO tab, check to make sure Enable SSO is toggled on.
- Navigate to the User Provisioning tab and toggle on Enable SCIM. Then, click the blue CREATE button to generate a SCIM Token. Copy this token to use in Step 2.
- In the Default Role drop-down menu, choose the default role you'd like to be assigned to new users: Interviewer, Manager, or Company Admin.
Step 2: Enable SCIM API integration in your IdP
You will need the following information to enable the SCIM API integration in your IdP:
- We support SCIM v1 and v2
- SCIM Base URL:
https://app.codesignal.com/api/scim/v2(SCIM v1 and v2 correspondingly).
- The supported SCIM attributes are
Step 3: Check the email address format in your IdP
CodeSignal uses the email address of a user for identification. That means that the email address attribute for a user should match between SAML SSO and the SCIM user provisioning in your IdP.
Check to make sure that your IdP's username is set to a value that indicates the primary email of the user.
Step 4: Import and assign users
If available in your IdP, we recommend importing and assigning existing CodeSignal users into your IdP. This will fetch existing users from CodeSignal and allow you to automatically add or assign them to existing users in your IdP.
Note that users added to CodeSignal will need to accept an invitation email before they can start using the platform. This is done to protect user privacy and ensure that users are not unintentionally added to a company to give them a chance to confirm before applying company authentication restrictions to their account.
Additionally, note that all new users added to CodeSignal will be assigned the Interviewer role. You can adjust their role from your CodeSignal dashboard once they accept the invitation.
Step 5: Configure owned email domains
In the SSO tab of your company settings in CodeSignal, you will see a section called Owned Email Domains. To add your company's domain (or additional domains) to this list, please contact firstname.lastname@example.org.
Owned email domains are verified as belonging to your company. User accounts with these emails will be automatically created on CodeSignal without requiring confirmation from the users.
Questions? Email email@example.com