System for Cross-Domain Identity Management (SCIM) Configuration Guide

Overview

The System for Cross-domain Identity Management (SCIM) standard allows organizations to manage users in a third-party application.

Prerequisites

You should already have an SSO integration configured. See Single Sign-On Configuration.

Supported Features

Create users
Update user attributes
Deactivate users

Configuration

Configuration details vary from identity provider to identity provider. Consult their documentation for specifics.

Note: Before setting up and enabling SCIM, please be sure to speak with a support representative. Any manual mapping to existing Getty Images users must be completed before enabling SCIM.

Authorization

Authorization is completed via OAuth 2.0. Some identity providers use the Authorization Code OAuth 2.0 grant type.

Necessary information:

Access token endpoint: https://authentication.gettyimages.com/oauth2/token
Authorization endpoint: https://authentication.gettyimages.com/oauth2/auth
Client Id: Provided by a Getty Images customer support representative.
Client Secret: Provided by a Getty Images customer support representative

SCIM Connection

SCIM base URL: https://scim.gettyimages.com/v2 SCIM Service Provider Config URL: https://scim.gettyimages.com/v2/ServiceProviderConfig

Identity Provider Specific Information

Azure AD SSO

Azure does not support OAuth authorization for manually configured SSO/SCIM integrations. The integration must be set up via the Azure Active Directory application gallery. We are actively working on submitting our application for inclusion there.

Okta

Getty Images supports OAuth 2.0 for SCIM integration authorization. Okta supports the Authorization Code grant, which requires a client id, client secret and user name, password. Your Getty Images sales representative will provide that information to you.

Single Sign On (SSO) Configuration Guide Technical Documentation