This article describes the configuration steps involved in integrating Cerby with RSA Cloud Authentication service using SCIM. RSA Cloud Authentication Service will serve as the SCIM client with Cerby acting as a SCIM server providing an endpoint for the SCIM client to connect.

  
Configure RSA Cloud Authentication Service as a SCIM Client

Perform these steps to configure RSA Cloud Authentication Service as a SCIM client. 
Procedure

1. Sign in to RSA Cloud Administration Console and browse to Applications > Application Catalog.
2. Click Create from Template and click Select for SAML Direct.
3. On the Basic Information page, provide a name for the Cerby app and an optional description.
   
4. If an integration for Cerby using SAML is needed, refer to the articles listed in the Integration Configuration section of Cerby - RSA Ready Implementation Guide. If only fulfillment is needed, proceed to the next step.
5. Navigate to the Fulfillment page in the left pane.
   
6. Enable the fulfillment service by using the toggle button and choose the Approver Type from: None, Manager, Application Owner, Manager, and Application Owner.
7. In the Fulfillment Configuration Type drop-down list, choose SCIM Endpoint and enter the required details.
   1. Base URI: https://api.cerby.com/v1/scim/v2
   2. API Key: The token obtained from the Configure Cerby section
      
8. Click Save and Finish and click Publish Changes.

Configure Cerby as a SCIM Server

Perform these steps to configure Cerby as a SCIM server. 
Procedure

1. Log in to the Cerby dashboard at: https://<workspace-name>.cerby.com/dashboard.
2. Click the settings gear icon in the left pane.
   
3. Select IDP Settings from the top menu and scroll down to the bottom of the page.
   
4. Click View Token and make a note of the token value, which will be used in the RSA Cloud Authentication Service configuration.
   

The configuration is complete.

Return to Cerby - RSA Ready Implementation Guide.