Automated Provisioning
Files.com supports several methods for automatically provisioning user accounts. The right method is the one that aligns with the identity systems, automation platforms, or development tools already in your environment.
Most organizations provision Files.com users through the same systems that manage users or automation for other applications. Organizations that manage employee accounts through an Identity Provider provision users from that Identity Provider into Files.com. Organizations that automate infrastructure with Terraform manage Files.com through Terraform. Organizations that handle identity events in internal systems or application code integrate those systems with Files.com using the SDK or API.
Choose a Provisioning Method That Matches Your Existing Tools
When your organization manages employees through an Identity Provider, use SCIM provisioning. The Identity Provider acts as the source of truth and automatically creates, updates, and deactivates users in Files.com while synchronizing group membership.
When your organization uses Single Sign-On but does not configure SCIM provisioning, Just-in-Time (JIT) provisioning creates a Files.com account automatically the first time a user signs in through SSO.
When your organization provisions users through internal systems or application code, use the Files.com SDKs, APIs, or CLI. The SDK is the recommended programmatic approach because it reduces the amount of code required compared to building integrations directly against the REST API.
When your organization already operates workflow automation or integration platforms, provision users through those platforms using Files.com iPaaS integrations. Platforms including Microsoft Power Automate, Azure Logic Apps, Zapier, Boomi, MuleSoft, and Make trigger workflows that create, update, or deactivate Files.com users when events occur in connected business systems.
When your organization manages infrastructure through Terraform, provision and manage Files.com configuration through Terraform as part of your infrastructure-as-code workflows.
Many organizations apply different provisioning strategies for different categories of users, including internal employees, contractors, and external users such as partners, vendors, and collaborators. Multiple provisioning methods can operate together using the tools already deployed in the environment.
Identity Provider Provisioning
Many deployments manage user lifecycle events through an identity provider. Files.com integrates with identity providers through SCIM provisioning and Just-in-Time (JIT) provisioning.
SCIM Provisioning
SCIM is the most complete automated provisioning model and the most commonly used.
SCIM synchronizes users and groups between the identity provider and Files.com. The identity provider creates users, updates user attributes, assigns group memberships, and deactivates accounts when access changes. Files.com reflects the current state of the identity system at all times.
Identity provider administrators configure provisioning rules in the identity provider to determine which users and groups synchronize to Files.com. Group mappings give administrators control over folder permissions, protocol access, and account status through identity provider group assignments.
SCIM supports full lifecycle automation. When administrators deactivate or remove a user in the identity provider, the identity provider updates the corresponding account in Files.com and removes access automatically. Access policies remain aligned with the identity system.
Deployments that rely on centralized identity management typically implement SCIM provisioning because it provides lifecycle synchronization, group-based access control, and automated deactivation.
Files.com integrates with the following identity providers using SCIM: Okta, Microsoft Entra ID, LDAP/Active Directory, OneLogin, Cisco Duo, JumpCloud, and SAML (any provider).
Just-in-Time (JIT) Provisioning
Just-in-Time provisioning creates a Files.com user account when a user signs in through Single Sign-On (SSO) for the first time.
When a user authenticates through SSO, Files.com creates the account automatically using identity attributes supplied by the identity provider. Site Administrators do not need to pre-create user accounts before users access the system.
JIT is a lightweight way to enable Single Sign-On without configuring full lifecycle synchronization. Teams often enable JIT when deploying SSO quickly or when centralized lifecycle automation does not exist.
JIT creates accounts during login but does not synchronize lifecycle changes. Identity provider changes do not automatically deactivate users in Files.com. Group identifiers provided by some identity systems can also appear in formats that are difficult to interpret inside Files.com.
Deployments that require automated lifecycle management and structured access governance implement SCIM provisioning instead.
Programmatic Provisioning
Files.com supports automated user provisioning through programmatic interfaces, including the Files.com SDK & APIs and the Files.com Command Line Interface (CLI).
SDK Provisioning
Files.com provides official SDKs that simplify programmatic integration with the Files.com platform.
SDK libraries wrap the Files.com API and provide native interfaces for common programming environments. The libraries handle authentication, request formatting, and error handling while exposing the same provisioning operations available through the API.
Development teams often integrate SDKs into internal services or onboarding applications that manage user lifecycle events automatically.
CLI Provisioning
Files.com provides a Command Line Interface (CLI) that lets Site Administrators and automation systems perform administrative actions from scripts or command-line environments.
The CLI uses the Files.com API internally and supports operations including creating users, updating user settings, managing groups, and modifying permissions. Administrators often use the CLI in automation scripts, scheduled tasks, or operational workflows that manage users across multiple systems.
CLI provisioning is a convenient option for automation environments that rely on shell scripts or operational tooling instead of direct API integration.
API Provisioning
The Files.com API lets applications and automation systems create, update, and deactivate user accounts programmatically.
Internal systems including HR platforms, identity databases, or operational services often maintain authoritative identity records. These systems can synchronize users with Files.com by sending API requests whenever identity data changes.
The Files.com API lets applications create users, update attributes, assign folder permissions, configure protocol privileges, and deactivate accounts. Automation services trigger these API requests when events occur in the source system.
API provisioning integrates Files.com directly into internal automation pipelines and operational systems. Development teams frequently implement provisioning services that synchronize internal identity records with Files.com through scheduled jobs or event-driven workflows.
Terraform Based Provisioning
Files.com supports infrastructure-driven user provisioning through Terraform.
Teams that manage infrastructure through infrastructure-as-code frequently manage platform access through the same model. Terraform configuration files define users, permissions, and platform configuration as version-controlled infrastructure definitions.
Site Administrators include Files.com users and permissions alongside other infrastructure resources in Terraform configuration. When Terraform runs, the deployment process creates or updates user accounts according to the configuration state.
This approach provides consistent access management across environments and allows administrators to track changes through version control and infrastructure deployment pipelines.
Integration Platform (iPaaS) Provisioning
Files.com supports automated provisioning through Integration Platform as a Service (iPaaS) and workflow automation platforms.
These platforms connect multiple applications and trigger workflows when events occur in another system. A workflow can create, update, or deactivate Files.com users when identity events occur in connected business systems. For example, a workflow can create a Files.com user account when a new employee record appears in an HR system or when a new partner record appears in a CRM platform.
Files.com connectors let these platforms create, update, and deactivate users and groups through the Files.com API.
Supported integration platforms include Microsoft Power Automate / Azure Logic Apps, Zapier, Boomi, MuleSoft, and Make.
These platforms automate provisioning across multiple SaaS systems without requiring custom integration services. Workflow automation coordinates identity events across connected platforms so that Files.com user access remains aligned with activity in other business systems.
Get The File Orchestration Platform Today
4,000+ organizations trust Files.com for mission-critical file operations. Start your free trial now and build your first flow in 60 seconds.
No credit card required • 7-day free trial • Setup in minutes