Can I Provision Destination-Level or Connector-Level User Roles Using SCIM?

Question

I have enabled System for Cross-domain Identity Management (SCIM). Can I provision destination-level or connector-level roles using SCIM?

Environment

• Account settings
• SCIM

Answer

In our Role-Based Access Crontrol (RBAC) model, we provide a set of standard and custom roles to grant or deny access to different Fivetran resources within the Fivetran account.

The standard roles in our RBAC model allow you to manage access to Fivetran resources in a granular and hierarchical way. In Fivetran, you can create roles for the following resource types in descending hierarchical order:

• Account
• Destination
• Connector

However, it's only possible to assign user roles at one level using a SCIM configuration. As a result, Fivetran's SCIM API only supports provisioning account-level roles.

Alternatively, you can use Fivetran's REST API to assign roles at a destination or connector level. See our documentation for more information on how to add connector membership or add group membership.