To enable SCIM support, you first need to generate an API key for a Superuser. As a superuser, go to the user menu near the upper-right, and choose "Manage API keys." Click "Create New Token." Copy the token and paste that in as a "Bearer Token" on your SCIM client's configuration pages.

The SCIM client will be able to create users from your directory, and Snipe-IT will try to map every field it can to the appropriate field within Snipe-IT.

The Snipe-IT SCIM URL’s will start with https://your_servername/scim/v2/ - in most SCIM providers, you need to just place that prefix of https://your_servername/scim/v2 and the SCIM protocol will handle the rest for you.

❗️

Snipe-IT can only sync Users, not Groups

Snipe-IT only has built-in mappings for Users, but not yet for the Groups section. Snipe-IT cannot sync Groups via SCIM at this time.

Fields that Snipe-IT Cannot Handle (yet)

  • displayName
  • Mobile Phone Number
  • Manager

Unsupported HTTP Verbs

DELETE is not supported by the underlying library yet

All supported mappings into Snipe-IT

SCIM NameSnipe-IT Users fieldRequired?
userNameusernameYES
givenNameFirst NameYES
familyNameLast Name
emails.work.valueEmail
activeActivated
phoneNumbers.work.valuePhone
addresses.work.streetAddressAddress
addresses.work.localityCity
addresses.work.regionState
addresses.work.postalCodeZIP
addresses.work.countryCountry
titlejobtitle
preferredLanguagelocale
(Enterprise Namespace):employeeNumberemployee_num
department(Lookup by name to set department_id)

Environment Variables

In your .env file, you can specify two new environment values that modify how Snipe-IT's SCIM server works.

NameDescriptionDefault value
SCIM_TRACEWhen set to true, all SCIM requests and responses will be logged to a scim.log file in the storage/logs directoryfalse
SCIM_STANDARDS_COMPLIANCE When set to true, Snipe-IT tries to more closely follow the SCIM specifications. Definitely needed for OneLogin.false