Summary and recommendation
Adyen offers SCIM 2.0 provisioning, but only through Okta's integration—there's no native SCIM endpoint. This creates a significant vendor lock-in scenario where your provisioning capabilities are entirely dependent on using Okta as your identity provider. Teams using Azure Entra, Google Workspace, or OneLogin are left with manual user management despite Adyen supporting SAML SSO with these platforms. The Okta integration itself requires maintaining a company account (not just a merchant account) and keeping at least one non-SSO admin for troubleshooting, adding operational complexity.
For payment platforms handling sensitive financial data, this provisioning gap creates serious compliance risks. Your finance team, payment operations staff, and developers need timely access to process transactions and manage risk controls, but without automated provisioning, you're stuck with manual onboarding that can delay critical payment operations. The requirement to maintain non-SSO admin accounts also creates a security backdoor that compliance auditors will flag.
The strategic alternative
Adyen has no native SCIM. Automate offboarding, user access reviews, and license workflows across every app, including the ones without APIs. We maintain the integration layer underneath. You focus on judgment, not plumbing.
Quick SCIM facts
| SCIM available? | No |
| SCIM tier required | N/A |
| SSO required first? | Yes |
| SSO available? | Yes |
| SSO protocol | SAML 2.0 |
| Documentation | Official docs |
Supported identity providers
| IdP | SSO | SCIM | Notes |
|---|---|---|---|
| Okta | ✓ | ❌ | No SCIM available |
| Microsoft Entra ID | ✓ | ❌ | No SCIM available |
| Google Workspace | Via third-party | ❌ | No native support |
| OneLogin | Via third-party | ❌ | No native support |
The cost of not automating
Without SCIM (or an alternative like Stitchflow), your IT team manages Adyen accounts manually. Here's what that costs:
The Adyen pricing problem
Adyen gates SCIM provisioning behind premium plans, forcing significant cost increases for basic user management.
Tier comparison
| Plan | Price | SSO | SCIM |
|---|---|---|---|
| Manual management | Transaction fees only | ||
| Okta connector | Transaction fees + Okta licensing | ||
| Other IdPs | Transaction fees only |
Provisioning options
| Method | Cost | SCIM Support | SSO Support |
|---|---|---|---|
| Manual management | Transaction fees only | ❌ None | ✓ SAML 2.0 |
| Okta connector | Transaction fees + Okta licensing | ✓ Via Okta only | ✓ SAML 2.0 |
| Other IdPs | Transaction fees only | ❌ Manual provisioning | ✓ SAML 2.0 |
Adyen's transaction-based pricing
What this means in practice
If you use Okta: You get SCIM provisioning, but your payment platform access depends entirely on Okta's third-party connector. If the connector breaks or Okta deprecates it, your provisioning stops working.
If you use any other IdP: You're stuck with manual user management. Every new hire in payments, finance, or risk analysis requires manual account creation in Adyen's platform.
For a payment processor handling sensitive financial data, this creates significant operational risk around access control.
Additional constraints
Summary of challenges
- Adyen does not provide native SCIM at any price tier
- Organizations must rely on third-party tools or manual provisioning
- Our research shows teams manually provisioning this app spend significant hidden costs annually
What Adyen actually offers for identity
SAML SSO (Company Account Required)
Adyen supports SAML 2.0 integration for single sign-on:
| Setting | Details |
|---|---|
| Protocol | SAML 2.0 |
| Supported IdPs | Okta, Azure AD, AD FS, custom SAML providers |
| Account requirement | Must have company account (not merchant account) |
| Role requirement | Merchant admin or Merchant user management role |
| JIT provisioning | ✓ Yes |
Critical setup requirement: You must maintain at least one admin account without SSO enabled for troubleshooting purposes. Legal notice acceptance is also required before enabling SSO.
SCIM Provisioning (Okta Only)
Adyen's user provisioning is limited to Okta integration:
| Feature | Okta Support | Other IdPs |
|---|---|---|
| Create users | ✓ Yes | ❌ No |
| Update attributes | ✓ Yes | ❌ No |
| Deactivate users | ✓ Yes | ❌ No |
| Group linking | ✓ Yes | ❌ No |
| Schema discovery | ✓ Yes | ❌ No |
Major limitation: If you use Entra ID, Google Workspace, or OneLogin as your identity provider, there's no automated provisioning available. You're stuck with manual user management for your payment platform access.
Why This Falls Short for Payment Teams
Payment platforms require strict access control for compliance, but Adyen's provisioning limitations create operational headaches:
For payment operations teams that need reliable, IdP-agnostic provisioning, these constraints translate to ongoing manual work and potential compliance risks.
What IT admins are saying
Community sentiment on Adyen's provisioning setup reveals frustration with complex configuration requirements:
- Complex setup requirements - Multiple prerequisites including company account setup and specific admin roles
- Mandatory non-SSO admin maintenance - Must keep at least one admin account outside of SSO for troubleshooting
- Account type confusion - Requires company account rather than merchant account, creating setup barriers
- Hidden compliance steps - Legal notice acceptance required before SSO can be activated
Keep one admin without SSO for troubleshooting
Requires Merchant admin or Merchant user management role
The recurring theme
Even when Adyen supports SCIM provisioning through Okta, the setup complexity and mandatory non-SSO admin requirement creates ongoing operational overhead that defeats the purpose of automated user management.
The decision
| Your Situation | Recommendation |
|---|---|
| Small payment team (<10 users) | Manual management with SSO for authentication |
| Okta users needing basic provisioning | Use native Okta integration for SCIM |
| Large finance/payment ops team (20+ users) | Use Stitchflow: automation essential for sensitive payment access |
| Multi-IdP environment (Entra, Google Workspace) | Use Stitchflow: no native SCIM outside Okta |
| Enterprise with strict compliance requirements | Use Stitchflow: automation essential for audit trail and access control |
The bottom line
Adyen offers SCIM provisioning through Okta but leaves other IdP users managing payment platform access manually. For payment teams using Entra, Google Workspace, or needing consistent automation across multiple platforms, Stitchflow eliminates the manual overhead while maintaining the strict access controls that payment compliance requires.
Make Adyen workflows AI-native
Adyen has no native SCIM. We build complete offboarding, user access reviews, and license workflows across every app, including the ones without APIs.
Technical specifications
SCIM Version
Not specifiedSupported Operations
Not specifiedSupported Attributes
Not specifiedPlan requirement
Not specifiedPrerequisites
Not specifiedKey limitations
- Requires company account (not merchant account)
- Requires Merchant admin or Merchant user management role
- Keep one admin without SSO for troubleshooting
- Legal notice acceptance required for SSO
Configuration for Okta
Integration type
Okta Integration Network (OIN) app
Prerequisite
SSO must be configured before enabling SCIM.
Where to enable
Enterprise required for SCIM
Use Stitchflow for automated provisioning.
Unlock SCIM for
Adyen
Adyen has no native SCIM. We still automate end-to-end workflows across every app, including the ones without APIs.
See how it works
