Matrix Booking's SCIM integration overview
This page covers our SCIM (System for Cross-domain Identity Management) integration to provide a user identity management solution between Matrix Booking and your chosen employee directory.
Contents
Introduction
What is SCIM?
SCIM is a standard for automating the exchange of user and group information between a central user management system, such as Entra ID or Okta, and an external IT system, such as Matrix Booking. There are 2 players in SCIM that interact to keep user information up to date:
SCIM Client is the application that contains all the user information and is where any changes are made (for example, users deactivated, users added to a group, or new users added).
SCIM Service is the IT System that “replicates” users from the client, which is the role that Matrix Booking is playing.
Use SCIM with Matrix Booking
As a Matrix Booking customer, SCIM allows you to have a single location where you manage all of your users and user groups – the same location that you already have all of those users’ details meaning there’s less duplicated effort and a single source of truth for user status. Effectively, a master list of your users and groups.
Security
As detailed in the diagram above, the SCIM process is all led by your SCIM Client who pushes data to the SCIM Service. This means that you get to choose the following information, which gives you incredible security and flexibility:
The users and user groups you choose to send meaning you can send a subset of your entire directory.
The information for those users and groups you send – down to a granular level of choosing what field you’d map to a user’s first name, for example.
Notes:
Microsoft owns Entra ID – if you raise a support ticket with us and we state that it’s an issue with Entra ID, you’ll need to contact Microsoft.
Switching SCIM on doesn’t amend your existing groups that you may have – if the group name exists in both Matrix Booking and SCIM, the SCIM integration will replace your existing Matrix Booking group with the new one from SCIM.
SCIM is an industry standard and any IdPs that are SCIM compliant should work with the SCIM integration.
Mappings that Matrix Booking supports
Matrix Booking supports the following mappings:
Users
custommapsso | Required or optional | Note |
|---|---|---|
name.givenName | Required |
|
name.familyName | Required |
|
username | Required | This will need to be the Users Email Address |
externalId | Optional | Mapped to objectId for tracking purposes |
urn:ietf:params:scim:schemas:extension:MatrixExtension:2.0:User:contactNumber | Optional | This is a custom mapping, not provided as part of the default SCIM Specification. |
nickName | Optional |
|
urn:ietf:params:scim:schemas:extension:MatrixExtension:2.0:User:accessCard | Optional | This is a custom mapping, not provided as part of the default SCIM Specification. |
urn:ietf:params:scim:schemas:extension:MatrixExtension:2.0:User:costCode | Optional | This is a custom mapping, not provided as part of the default SCIM Specification. |
active | Required |
Groups
custommapsso | Required or optional | Note |
|---|---|---|
displayName | Required | This is the Group name in Matrix Booking. |
externalId | Required | ID from Microsoft Azure to correlate. |
members | Required | The members of the group. |
For more information, see SCIM integration setup guide.