Cloudflare Access SCIM Support Beta


I am excited to announce the initial beta of SCIM (System for Cross Domain Identity Management) support in Cloudflare Access.

The initial implementation of SCIM will support:

  1. Revoke Access and WARP tokens on user deactivation
  2. Auto-populate identity provider group values in Access policies
  3. Force a user re-authentication if their identity provider group membership changes

We are supporting AzureAD and Okta in the initial beta period. In the coming months, we will add support for additional identity providers.

If you would like to be part of the beta, please respond here or fill out this form:


We’re now in open beta! SCIM is available across all plans.

More information:
Developer Docs: Azure AD® · Cloudflare Zero Trust docs
Okta · Cloudflare Zero Trust docs