TL;DR
30% of your apps only speak HTML. We built the translator.
Legacy tools, internal dashboards, SCIM Tax offenders - they don't have APIs. They have web UIs. To an IT architect, that's noise: unstructured, volatile, impossible to automate.
Stitchflow makes them behave like SCIM endpoints:
- To your IdP: a standard integration that sends signals and gets structured responses
- Under the hood: isolated containers, encrypted sessions, deterministic validation
We turn the "dumb" application into a "smart" integration.
The problem: Apps that only speak HTML
In a perfect world, every application in your stack would have a robust REST API and a native SCIM endpoint.
Your Identity Provider (Okta or Entra) would talk to your apps in a clean, standardized language. Provisioning would be a simple CREATE request. Deprovisioning would be a DELETE request.
But we don't live in a perfect world. We analyzed 721 SaaS apps: 57% have no SCIM at all, 42% lock it behind enterprise pricing. Only 9 apps include SCIM on their base tier. Legacy tools, internal dashboards, and "SCIM Tax" offenders - they all speak one language: HTML.
To an IT Architect, HTML is noise. It is unstructured, volatile, and impossible to automate reliably.
So, we built a translation engine.

Stitchflow is not just a "bot" that clicks buttons. It is an infrastructure layer that forces a chaotic User Interface to behave exactly like a structured API - essentially a universal API for disconnected apps, giving you SCIM-like behavior even when the app itself refuses to build SCIM.
The "Synthetic" API
The core innovation of Stitchflow isn't just that we automate the browser. It's that we abstract the browser away from you entirely.
To your IdP or your workflow engine (Workato, BetterCloud, Okta Workflows), Stitchflow looks exactly like a standard integration.
- Input: You send us a standard SCIM signal (e.g., "Deactivate User X").
- Process: We spin up an isolated, headless browser in our private GCP cloud to execute the logic.
- Output: We return a structured JSON payload confirming the action, just like a REST API response.
We turn the "dumb" application into a "smart" integration.
Under the hood: Controlled Isolation
We didn't hack this together on a laptop. We architected it for scale and isolation.
When you trigger an action, we don't just run a script. We spin up a dedicated, ephemeral container in Google Cloud Run.
- The Clean Room: That browser instance exists only for your specific task. It lives inside our private VPC. It has no visibility into other customers or other runs.
- The Session Logic: We manage the messy parts of the web - cookies, session tokens, MFA states - so you don't have to. We encrypt these session artifacts using AES-256 and store them in GCP Secret Manager, allowing us to reuse sessions for speed without compromising security.
- The VPN Boundary: All execution happens behind a strict VPN boundary. The public internet never touches your automation logic directly.
Structured outputs over screen scraping
The dirty secret of traditional RPA is that it doesn't know what it did. It clicks a button and hopes for the best.
Stitchflow is deterministic. We don't just click; we validate.
When we run a deprovisioning flow, our engine scrapes the result, validates the success state (e.g., "User Deleted" toast message), and converts that event into a standardized machine-readable object.
This is the game-changer for IT engineering.
It means you can plug a legacy ERP system that was built in 2010 directly into a modern IdP like Okta or Entra.
Stitchflow acts as the adapter. We take the messy HTML of the legacy app and present it to Okta as a clean, compliant identity object.
Make the disconnected, connected
You shouldn't have to build custom scripts for every tool that lacks an API. That is technical debt that you will be paying interest on forever.
We've measured what manual provisioning actually costs. Based on real data from 27 organizations: ~$12,000 per app per year in IT labor, unused licenses, and compliance gaps.
We built the infrastructure to handle the chaos so you can maintain a clean architecture.
You treat Stitchflow like an API. We handle the browser tabs.
Frequently asked questions
A universal API for disconnected apps is an abstraction layer that makes HTML-only or legacy apps behave like modern API-integrated applications. Stitchflow creates this layer by converting UI actions (clicks, forms, state changes) into structured, SCIM-like JSON responses - so your IdP can automate provisioning even when the app itself has no API.
As Stitchflow's Co-founder and Operations & Customer Success leader, Shankar has spent 3 years as a de facto member of IT teams - learning exactly how they manage the imperfect stack they inherit and what makes automation actually work for them.


