Home Admin Help Center

SCIM Provisioning

For admins only For all plans

SCIM Provisioning

Printer icon
Updated

You can integrate Dashlane with your Identity Provider (IdP) using the Dashlane SCIM Provisioning for plan members.

Prerequisites

To complete this setup, you need:

  • Admin access to the Dashlane Admin Console
  • Admin access to your organization’s Identity Provider
  • Confidential SSO or self-hosted SSO turned on for your plan members

Set up User SCIM Provisioning

Please follow these steps, depending on your SSO configuration:

Set up SCIM Provisioning with Confidential SSO

If you have one Azure, Okta, or PingID as your Identity Provider, follow the specific steps under Set up SCIM Provisioning.

Step 1: Generate SCIM API Token in Dashlane

  1. Log in to the Admin Console.
  2. In the Integrations section, select Provisioning and then Confidential Provisioning.

  3. Select Set up or Edit if you've already started the setup.

    If this option is greyed out and unavailable, you might need to set up Confidential SSO first. If you've previously set up AD sync, you need to stop the on-prem AD sync script in PowerShell and turn off AD sync in the Admin Console.
    Set up Confidential SSO and SCIM Provisioning

  4. Log out of Dashlane and log back in to update the provisioning options. If SSO is turned on and Confidential Provisioning is still greyed out, select Chat with bot in the bottom right of this page to contact our Support team.
  5. In Provisioning and in Step 1: Generate SCIM API token, select Generate Token.
  6. Copy the SCIM API token in Step 2: Copy token.
  7. Turn on the toggle for Step 3: Activate automatic user provisioning.

SCIM provisioning.png

Step 2: Configure SCIM API Token in your Identity Provider

  1. In the SSO app of your Identity Provider, go to the User Provisioning page.
  2. Copy the SCIM Endpoint from the Dashlane Admin Console and enter the value under the SCIM URL field in your Identity Provider.
  3. Enter the SCIM API token copied from the Dashlane Admin Console in the SCIM API token field in your Identity Provider.
    • Ensure you select the Bearer Token option.
  4. Turn on user provisioning.
  5. Turn off group provisioning via SCIM, as sharing group creation isn’t supported by the Confidential SCIM protocol.
  6. In case you also turn on group provisioning via SAML, ensure that all groups have the exact same name, capitalization, and spacing as in your AD sync groups to prevent sync issues.
  7. Assign the users and/or user groups to your SSO app to sync.
  8. Test the connection to verify it works.

Check your Identity Provider documentation for any limitations and additional information.

Set up SCIM Provisioning with self-hosted SSO

If you have Azure, Okta, or JumpCloud as your Identity Provider, select which one and follow the specific steps under Set up SCIM Provisioning.

Step 1: Generate SCIM API Token in Dashlane

  1. Log in to the Admin Console.
  2. In the Integrations section, select Provisioning and then Self-hosted Provisioning.

  3. In SCIM Provisioning settings, select Set up or Edit if you've already started the setup.

    If this option is greyed out and unavailable, and you've previously set up AD sync, you need to stop the on-prem AD sync script in PowerShell and turn off AD sync in the Admin Console.

  4. Log out of Dashlane and log back in to update the Provisioning options. If SSO is turned on and self-hosted Provisioning is still greyed out, select Chat with bot in the bottom right of this page to contact our Support team.
  5. In SCIM provisioning settings and in SCIM API token, select Generate Token.
  6. Copy the SCIM API token.
  7. Turn on the toggle for Allow the encryption service to sync directory, then select Save changes.

  8. Restart your encryption service.

    How to restart your encryption service.

Screenshot 2026-06-09 at 11.42.17.png

Step 2: Configure SCIM API Token in your Identity Provider

  1. In your Identity Provider, go to the User Provisioning page
  2. Copy the SCIM Endpoint from the Dashlane Admin Console and enter the value under the SCIM URL field in your Identity Provider.
  3. Enter the SCIM API token copied from the Dashlane Admin Console in the SCIM API token field in your Identity Provider.
    • Ensure you select the Bearer Token option.
  4. Turn on user provisioning and group provisioning.
  5. Assign the users and/or user groups to your SSO app to sync. Ensure that all groups have the exact same name, capitalization, and spacing as in your AD sync groups to prevent sync issues.
  6. Test the connection to verify it works.

Check your Identity Provider documentation for any limitations and additional information.

Powered by Zendesk