SCIM
An IETF standard for provisioning user records between identity providers and SaaS applications, covering create, read, update, delete operations on user and group objects.
In more detail
SCIM (System for Cross-domain Identity Management) is a REST-based protocol most modern SaaS apps support for receiving user lifecycle events from an identity provider. The protocol covers user creation, attribute updates, role changes, and deactivation. SCIM 2.0 is the current spec.
Customers run SCIM at the edge of their JML process. The IDP (Okta, Workspace, Microsoft 365) emits the SCIM call, the SaaS app on the receiving end provisions or updates the user accordingly. The wire protocol is standard; the field mapping is per-app.
Where this shows up at Ceven
Ceven both speaks SCIM (when the customer's IDP is the source of truth) and orchestrates SCIM (when Ceven is the system of record and writes to a SCIM-capable downstream). The orchestration includes the per-adapter risk summary and the audit log entry SCIM alone does not provide.