System for Cross-Domain Identity Management (SCIM) Configuration Guide

Overview

The System for Cross-domain Identity Management (SCIM) standard allows organizations to manage users in a third-party application.

Prerequisites

You should already have an SSO integration configured. See Single Sign-On Configuration.

Supported Features

Create users
Update user attributes
Deactivate users

Configuration

Configuration details vary from identity provider to identity provider. Consult their documentation for specifics.

Note: Before setting up and enabling SCIM, please be sure to speak with a support representative. Any manual mapping to existing Getty Images users must be completed before enabling SCIM.

Authorization

Authorization is completed via OAuth 2.0. Some identity providers use the Authorization Code OAuth 2.0 grant type. If you plan on using Authorization Code, please provide us with a redirect URL from your identity provider.

Necessary information:

Access token endpoint: https://authentication.gettyimages.com/oauth2/token
Authorization endpoint: https://authentication.gettyimages.com/oauth2/auth
Client Id: Provided by a Getty Images customer support representative.
Client Secret: Provided by a Getty Images customer support representative

SCIM Connection

SCIM base URL: https://scim.gettyimages.com/v2
SCIM Service Provider Config URL: https://scim.gettyimages.com/v2/ServiceProviderConfig

SCIM Attributes

Information about our supported attributes can be found at our Schemas URL: https://scim.gettyimages.com/v2/Schemas

Identity Provider Specific Information

Microsoft Entra AD SSO

Microsoft Entra does not support OAuth authorization for manually configured SSO/SCIM integrations. The integration must be set up via the Entra application gallery. We are actively working on submitting our application for inclusion there.

Okta

See here for Okta specific information.

Okta SAML 2.0 (SSO) Configuration Guide Okta SCIM Configuration Guide