Production launch checklist

As you prepare to launch SCIM provisioning to production, you should confirm that your configuration satisfies the SCIM-specific items from the authentication launch checklist.

This page extracts the SCIM provisioning items from the main authentication production readiness checklist and organizes them for your directory rollout.

Configure SCIM webhook endpoints

Configure webhook endpoints to receive SCIM events in your production environment, and ensure they use HTTPS and correct domain configuration.

Verify webhook security with signature validation

Implement signature validation for incoming SCIM webhooks so only Scalekit can trigger provisioning changes. See webhook best practices for guidance.

Test user provisioning, updates, and deprovisioning

Test user provisioning flows (create), deprovisioning flows (deactivate or delete), and user profile updates to ensure your application responds correctly to each event type.

Validate group-based role assignment

Set up group-based role assignment and synchronization, and verify that group membership changes in the identity provider correctly map to roles and permissions in your application.

Handle duplicate and invalid data scenarios

Test error scenarios such as duplicate users, conflicting identifiers, and invalid data payloads so your integration fails safely and surfaces actionable errors.

Align SCIM with user and organization models

Confirm that your SCIM implementation matches your user and organization data model, including how you represent organizations, teams, and role assignments in your system.

Finalize admin portal configuration for directory admins

Ensure directory admins can configure SCIM connections in the admin portal, and that your branding and access controls are correct for enterprise customers.