Skip to content

Lumos SCIM Configuration

Lumos SCIM Configuration

This guide covers how to configure the Lumos SCIM Connector for your Scimify integrations.

Lumos is an identity governance platform that supports generic SCIM integrations for both ingesting users, groups, and entitlements from applications (for access reviews) and provisioning users and groups to apps. Customers who use Lumos for access request workflows can connect Scimify to automate provisioning across SaaS applications that Lumos does not natively integrate with.

For an overview of SCIM setup options, see SCIM Configuration. For Okta setup, see Okta SCIM Configuration. For other IdPs and IGA platforms, see Generic SCIM Configuration.

Prerequisites

  • Access to your Lumos admin console
  • A Scimify account with at least one integration instance created and enabled
  • The SCIM Base URL and API key from your Scimify admin console

Before you connect

Ensure the Scimify integration instance is enabled before connecting Lumos. Lumos attempts a full sync automatically after you press Connect, and the integration must be active in Scimify for that sync to succeed.

Configuration Steps

1. Add the SCIM Connector

  1. Log in to your Lumos admin console
  2. Navigate to Integrations > Discover
  3. Search for and select SCIM Connector

2. Configure the Token

  1. Generate a SCIM API key from the integration instance in your Scimify admin console
  2. Copy the API key
  3. Paste it into the Token field in the Lumos SCIM Connector configuration

The Token field accepts the SCIM API key for token-based authentication.

3. Configure the App Identifier (Optional)

Set App Identifier to a descriptive label for this connector instance, for example Scimify - Jamf Users where Jamf Users is the display name of the Scimify integration instance.

If not provided, Lumos uses the Base URL as the app instance identifier.

4. Configure the Base URL

  1. Copy the SCIM Base URL from your Scimify admin console (found on the Integrations page for the target instance)
  2. Paste it into the Base URL field in Lumos

The Base URL should include the protocol and path, for example https://api.example.com/scim/v2.

5. Configure Endpoints and HTTP Method

Leave the default values unless your environment requires otherwise:

Lumos fieldValue
Users Endpoint/Users
Groups Endpoint/Groups
Update Account HTTP MethodPATCH
Use Custom Request HeadersOff

6. Connect

  1. Review the Capabilities section — the SCIM Connector supports sync and provisioning for Users, Group Memberships, and Roles
  2. Click Connect

After you connect

Lumos automatically attempts a full sync when the connection is established. Confirm the Scimify integration instance is enabled before connecting.

To run a full sync again later, open the Lumos integration page and click Full sync.

Rename the connector

The Lumos integration appears as SCIM Connector by default. Rename it so it is easy to identify in Lumos:

Recommended: Apps list > three-dot menu for the SCIM Connector app > Edit app info > update the name and optionally the logo. This updates the integration across the Apps list, integrations list, and AppStore entries.

Alternative: You can rename the app from the AppStore listing, but that change does not propagate to other areas of Lumos. Editing app info from the Apps list is the preferred approach.

Supported Lumos SCIM features

The Lumos SCIM Connector reports the following capabilities. Actual behavior depends on the Scimify connector type and the target SaaS application:

Sync:

  • Users
  • Group Memberships
  • Roles

Provisioning:

  • Users
  • Group Memberships
  • Roles

The following profile attributes are supported:

  • Username
  • Given name
  • Family name
  • Email
  • Title
  • Display name

Note: Some Scimify integrations support custom attributes to manage roles and permissions. These custom attributes are documented under the integration-specific guides.

Authentication

Lumos uses HTTP header authentication with:

Authorization: Bearer <SCIM_API_KEY>

Use the SCIM API key generated from the matching Scimify integration instance.

External references

Need Help?

If you encounter any issues during configuration, please contact [email protected] for assistance.