Provision and deprovision users

Provisioning user accounts is one of the first administrative tasks that you're going to perform. This task is important for each organization as it may impact the security of sensitive data and resources.

With ​Akamai​ MFA, you can provision users' identities and their access rights in different ways.

With the Users page, you can create a user profile manually.

With the Users provisioning page, you can import user data from external identity systems to ​Akamai​ MFA using the SCIM protocol.

SCIM (System for Cross-domain Identity Management) is an open standard that allows for the automatic exchange of user identity data in cloud-based services and applications. SCIM allows for the initial provisioning and automatic synchronization of user and group endpoints.

📘

Microsoft Azure and Okta SCIM provisioning described in this document was implemented using a minimally viable subset of SCIM specifications. In particular, ​Akamai​ MFA doesn't support the full capabilities of the SCIM filtering parameter.

After you add a new SCIM user provisioning service on the User provisioning page, you’re redirected to the provisioning configuration page. The configuration page provides you with your Base URL and API Token that you need to provide in external identity systems to finish setting up your SCIM provisioning.

On the User Provisioning configuration page, you can also configure these settings:

• Send enrollment emails. Lets you onboard new users by sending them emails with the enrollment link. New users can, next, use the link to register their trusted authentication devices.

• Include existing users. Lets you update the source of provisioning for users already existing in ​Akamai MFA​. This allows you to change user provisioning methods, for example, from manual to SCIM integration, without forcing users who have been previously provisioned to re-enroll their devices.