From c3b579c35c62e56f5a6c18b6cdf5fedc8e44ca06 Mon Sep 17 00:00:00 2001 From: AndrewKaranja Date: Mon, 10 Feb 2025 11:21:52 +0300 Subject: [PATCH] feat(loom-scim): provider support --- docs-v2/integrations/all/loom-scim.mdx | 49 +++++++++ .../integrations/all/loom-scim/connect.mdx | 102 ++++++++++++++++++ docs-v2/mint.json | 1 + .../generated/loom-scim/PreBuiltTooling.mdx | 40 +++++++ .../generated/loom-scim/PreBuiltUseCases.mdx | 5 + packages/providers/providers.yaml | 31 ++++++ .../images/template-logos/loom-scim.svg | 1 + .../public/images/template-logos/loom.svg | 6 ++ 8 files changed, 235 insertions(+) create mode 100644 docs-v2/integrations/all/loom-scim.mdx create mode 100644 docs-v2/integrations/all/loom-scim/connect.mdx create mode 100644 docs-v2/snippets/generated/loom-scim/PreBuiltTooling.mdx create mode 100644 docs-v2/snippets/generated/loom-scim/PreBuiltUseCases.mdx create mode 120000 packages/webapp/public/images/template-logos/loom-scim.svg create mode 100644 packages/webapp/public/images/template-logos/loom.svg diff --git a/docs-v2/integrations/all/loom-scim.mdx b/docs-v2/integrations/all/loom-scim.mdx new file mode 100644 index 00000000000..22fb86424fa --- /dev/null +++ b/docs-v2/integrations/all/loom-scim.mdx @@ -0,0 +1,49 @@ +--- +title: Loom SCIM +sidebarTitle: Loom SCIM +--- + +import Overview from "/snippets/overview.mdx" +import PreBuiltTooling from "/snippets/generated/loom-scim/PreBuiltTooling.mdx" +import PreBuiltUseCases from "/snippets/generated/loom-scim/PreBuiltUseCases.mdx" + + + + + +## Access requirements +| Pre-Requisites | Status | Comment | +| - | - | - | +| Paid dev account | ✅ | Loom SCIM is available on Enterprise plans. | +| Paid test account | ❓ | | +| Partnership | ❓ | | +| App review | ❓ | | +| Security audit | ❓ | | + +## Setup guide + +_No setup guide yet._ + +Need help getting started? Get help in the [community](https://nango.dev/slack). + +Contribute improvements to the setup guide by [editing this page](https://github.com/nangohq/nango/tree/master/docs-v2/integrations/all/loom-scim.mdx) + +## Useful links + +- [Loom Admin Console](https://www.loom.com/admin/security) +- [Loom Authentication and SCIM Setup Guide](https://support.loom.com/hc/en-us/articles/4405130750749-How-to-configure-SSO-and-Directory-Sync-SCIM) + +Contribute useful links by [editing this page](https://github.com/nangohq/nango/tree/master/docs-v2/integrations/all/loom-scim.mdx) + +## API gotchas + +- **Loom SCIM requires SAML SSO to be enabled** before a SCIM token can be generated. +- **SCIM tokens can be reused** across multiple identity providers (IdPs) such as Okta or Entra ID. +- **User provisioning supports roles**: `Creator`, `Viewer`, and `Admin`. + + +Contribute API gotchas by [editing this page](https://github.com/nangohq/nango/tree/master/docs-v2/integrations/all/loom-scim.mdx) + +## Going further + + Guide to connect to Loom SCIM using Nango Connect. \ No newline at end of file diff --git a/docs-v2/integrations/all/loom-scim/connect.mdx b/docs-v2/integrations/all/loom-scim/connect.mdx new file mode 100644 index 00000000000..8445316184e --- /dev/null +++ b/docs-v2/integrations/all/loom-scim/connect.mdx @@ -0,0 +1,102 @@ +--- +title: Loom SCIM - How to Connect Your Account +sidebarTitle: Loom SCIM +--- + +# Overview + +To connect your **Loom SCIM** account, you need to authenticate using an **API Key** and a **SCIM Bridge URL**. This allows Nango to securely manage user provisioning, deprovisioning, and access control through the Loom SCIM API. + +This guide will help you retrieve your SCIM credentials, configure **SSO**, enable **domain capture**, and set up **user deprovisioning**. + +--- + +### Prerequisites + +- A **Loom Enterprise** account. +- **SAML SSO enabled** (SCIM cannot be configured without SSO). +- A **SCIM API Key** generated from the **Loom Admin Console**. +- The **SCIM Bridge URL** (e.g., `https://scim.example.com`). + +🚨 **Important**: +Loom requires **SSO to be enabled** before generating SCIM credentials. Ensure your workspace has been configured accordingly. + +--- + +## **Step 1: Verify Your Domain** +Before configuring SSO or SCIM, an **Admin must verify the domain**. + +1. Log in to the **Loom Admin Console**. +2. Go to **Workspace Settings** → **Security Tab**. +3. Find the **Authorize Domains** section and add your domain. +4. Choose a verification method: + - **Email Verification** → Sends an email to a specified admin inbox. + - **DNS TXT Record** → Requires adding a TXT record to your domain's DNS settings. +5. After verifying, your domain will be listed as **authorized**. + +🚨 **Check Existing Users:** +Ensure no users with **unverified domains** are already invited to your workspace. If they exist, they will be **blocked** from logging into Loom. + +--- + +## **Step 2: Configure SSO** +Once your domain is verified, follow these steps to enable **Single Sign-On (SSO)**. + +1. Log in to **Loom Admin Console**. +2. Go to **Workspace Settings** → **Security Tab** → **SSO & Directory Sync**. +3. Click **Configure SSO** and follow the step-by-step guide. +4. Set the **Default Role** for newly provisioned users. + +### **Testing SSO Before Enforcing** +Loom provides an **Enforce SSO** setting: +- **Toggle OFF** → Users can continue logging in with email/password. +- **Toggle ON** → Users **must** authenticate using SSO. + +🚨 **Important:** +After enabling SSO, existing users must **log out and log back in** via SSO to be recognized as workspace members. + +--- + +## **Step 3: Retrieve Your Loom SCIM API Key** + +1. Log in to the [Loom Admin Console](https://www.loom.com/admin/security). +2. Navigate to **Security** → **Directory Sync (SCIM)**. +3. Click **Configure Directory Sync**. +4. Copy the **SCIM Endpoint** and **Bearer Token**. +5. Store the API Key securely; it will not be shown again. + +--- + +## **Step 4: Get Your SCIM Bridge URL** +Your **SCIM Bridge URL** is typically provided in **WorkOS** or Loom's SCIM setup guide. It should follow this format: + +https://scim.yourdomain.com + +If you're unsure of your SCIM Bridge URL: +- Check with your **IT team** or **Loom administrator**. +- Look in the **Loom SCIM configuration settings**. + +--- + +## **Step 5: Enable Domain Capture** +Loom’s **Domain Capture** setting ensures that all users with your **verified domain** automatically join your **Enterprise workspace**. + +1. Log in to **Loom Admin Console**. +2. Go to **Workspace Settings** → **Security Tab**. +3. Scroll down to **Domain Capture** settings. + +There are **two options**: +- **Off (Manual Management)** → New users must be invited or provisioned via SCIM. +- **Capture New Users in My Domain (Recommended)** → All users with your domain **automatically join** your Loom workspace. + +🚨 **Note:** +If **Directory Sync (SCIM)** is enabled, users are provisioned **immediately** when added to the **Loom app** in your IdP. + +--- + +## **Step 6: Connect Your Loom SCIM Account** +To authenticate with Loom SCIM, follow these steps: + +1. Open the **Loom SCIM integration setup** in Nango. +2. Enter your **SCIM Bridge URL** and **API Key**. +3. Click **Connect** to validate the credentials and establish the connection. \ No newline at end of file diff --git a/docs-v2/mint.json b/docs-v2/mint.json index 62c4f343a9a..df1b7d02907 100644 --- a/docs-v2/mint.json +++ b/docs-v2/mint.json @@ -448,6 +448,7 @@ "integrations/all/linkedin", "integrations/all/linkhut", "integrations/all/listmonk", + "integrations/all/loom-scim", "integrations/all/loops-so", "integrations/all/lucid-scim", "integrations/all/luma", diff --git a/docs-v2/snippets/generated/loom-scim/PreBuiltTooling.mdx b/docs-v2/snippets/generated/loom-scim/PreBuiltTooling.mdx new file mode 100644 index 00000000000..d6139f422ee --- /dev/null +++ b/docs-v2/snippets/generated/loom-scim/PreBuiltTooling.mdx @@ -0,0 +1,40 @@ +## Pre-built tooling + + +| Tools | Status | +| - | - | +| Pre-built authorization (API Key) | ✅ | +| Pre-built authorization UI | ✅ | +| Custom authorization UI | ✅ | +| End-user authorization guide | ✅ | +| Expired credentials detection | ✅ | + + +| Tools | Status | +| - | - | +| Pre-built integrations | 🚫 (time to contribute: <48h) | +| API unification | ✅ | +| 2-way sync | ✅ | +| Webhooks from Nango on data modifications | ✅ | +| Real-time webhooks from 3rd-party API | 🚫 (time to contribute: <48h) | +| Proxy requests | ✅ | + + +| Tools | Status | +| - | - | +| HTTP request logging | ✅ | +| End-to-type type safety | ✅ | +| Data runtime validation | ✅ | +| OpenTelemetry export | ✅ | +| Slack alerts on errors | ✅ | +| Integration status API | ✅ | + + +| Tools | Status | +| - | - | +| Create or customize use-cases | ✅ | +| Pre-configured pagination | 🚫 (time to contribute: <48h) | +| Pre-configured rate-limit handling | 🚫 (time to contribute: <48h) | +| Per-customer configurations | ✅ | + + \ No newline at end of file diff --git a/docs-v2/snippets/generated/loom-scim/PreBuiltUseCases.mdx b/docs-v2/snippets/generated/loom-scim/PreBuiltUseCases.mdx new file mode 100644 index 00000000000..7c7c0e3b645 --- /dev/null +++ b/docs-v2/snippets/generated/loom-scim/PreBuiltUseCases.mdx @@ -0,0 +1,5 @@ +## Pre-built integrations + +_No pre-built integration yet (time to contribute: <48h)_ + +Not seeing the integration you need? [Build your own](https://docs.nango.dev/guides/custom-integrations/overview) independently. diff --git a/packages/providers/providers.yaml b/packages/providers/providers.yaml index e10bc391c1e..b722f530da5 100644 --- a/packages/providers/providers.yaml +++ b/packages/providers/providers.yaml @@ -4683,6 +4683,37 @@ linkhut: base_url: https://api.ln.ht docs: https://docs.nango.dev/integrations/all/linkhut +loom-scim: + display_name: Loom SCIM + categories: + - other + auth_mode: API_KEY + proxy: + base_url: https://${connectionConfig.domain}/scim + headers: + authorization: Bearer ${apiKey} + verification: + method: GET + endpoint: /Users + docs: https://docs.nango.dev/integrations/all/loom-scim + docs_connect: https://docs.nango.dev/integrations/all/loom-scim/connect + connection_config: + domain: + type: string + title: Loom SCIM Bridge URL + description: The domain for your Loom SCIM Bridge + example: scim.example.com + pattern: '^[a-zA-Z0-9.-]+$' + prefix: https:// + doc_section: '#step-4-get-your-scim-bridge-url' + credentials: + apiKey: + type: string + title: SCIM API Key + description: Your Loom SCIM API Key + secret: true + doc_section: '#step-3-retrieve-your-loom-scim-api-key' + loops-so: display_name: Loops.so categories: diff --git a/packages/webapp/public/images/template-logos/loom-scim.svg b/packages/webapp/public/images/template-logos/loom-scim.svg new file mode 120000 index 00000000000..7dd97383019 --- /dev/null +++ b/packages/webapp/public/images/template-logos/loom-scim.svg @@ -0,0 +1 @@ +loom.svg \ No newline at end of file diff --git a/packages/webapp/public/images/template-logos/loom.svg b/packages/webapp/public/images/template-logos/loom.svg new file mode 100644 index 00000000000..4ab987d79e0 --- /dev/null +++ b/packages/webapp/public/images/template-logos/loom.svg @@ -0,0 +1,6 @@ + + + + + +