Our SCIM support will now allow users to assign Sentry Org Roles to users. Additionally, any assignments made via SCIM going forward cannot be edited via the Sentry UI or API i.e. your IdP will become the single source of truth governing who can access Sentry and what they can do with their access.
Enabling our customers to use their IdP as a single source of truth for user access and privilege assignment reduces administrative overhead and increases the security of data stored in Sentry.
While you can continue to use SCIM as normal, any assignments made via SCIM going forward can only be edited via SCIM.
To start assigning user roles via SCIM you can either: 1) Add an Org Role to a user’s IdP profile. OR 2) Create a group attribute for an Org Role and assign it to an IdP group.
Absolutely, just be aware that future assignments made via SCIM can only be edited via SCIM.